Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-0809 (GCVE-0-2023-0809)
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:24:34.509Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-09" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-0809", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-20T14:51:17.455933Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-20T14:51:34.000Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Mosquitto", "vendor": "Eclipse", "versions": [ { "lessThan": "2.0.16", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets." } ], "value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets." } ], "impacts": [ { "capecId": "CAPEC-130", "descriptions": [ { "lang": "en", "value": "CAPEC-130 Excessive Allocation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-789", "description": "CWE-789", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-07T10:06:16.711Z", "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse" }, "references": [ { "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "url": "https://security.gentoo.org/glsa/202401-09" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "SecretariatVulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "assignerShortName": "eclipse", "cveId": "CVE-2023-0809", "datePublished": "2023-10-02T18:56:26.824Z", "dateReserved": "2023-02-13T14:04:10.012Z", "dateUpdated": "2025-02-13T16:39:08.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-0809\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2023-10-02T19:15:09.717\",\"lastModified\":\"2024-11-21T07:37:52.583\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.\"},{\"lang\":\"es\",\"value\":\"En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en funci\u00f3n de paquetes iniciales maliciosos que no son paquetes CONNECT.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-789\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.16\",\"matchCriteriaId\":\"C744F41F-1469-4455-8C1C-B06373070721\"}]}]}],\"references\":[{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-09\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T05:24:34.509Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-0809\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-20T14:51:17.455933Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-20T14:51:30.507Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-130\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-130 Excessive Allocation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Eclipse\", \"product\": \"Mosquitto\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.0.16\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://mosquitto.org/blog/2023/08/version-2-0-16-released/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-09\"}], \"x_generator\": {\"engine\": \"SecretariatVulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-789\", \"description\": \"CWE-789\"}]}], \"providerMetadata\": {\"orgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"shortName\": \"eclipse\", \"dateUpdated\": \"2024-01-07T10:06:16.711Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2023-0809\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T16:39:08.267Z\", \"dateReserved\": \"2023-02-13T14:04:10.012Z\", \"assignerOrgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"datePublished\": \"2023-10-02T18:56:26.824Z\", \"assignerShortName\": \"eclipse\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
opensuse-su-2024:13546-1
Vulnerability from csaf_opensuse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "libmosquitto1-2.0.18-1.1 on GA media", "title": "Title of the patch" }, { "category": "description", "text": "These are all security issues fixed in the libmosquitto1-2.0.18-1.1 package on the GA media of openSUSE Tumbleweed.", "title": "Description of the patch" }, { "category": "details", "text": "openSUSE-Tumbleweed-2024-13546", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13546-1.json" }, { "category": "self", "summary": "SUSE CVE CVE-2023-0809 page", "url": "https://www.suse.com/security/cve/CVE-2023-0809/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-28366 page", "url": "https://www.suse.com/security/cve/CVE-2023-28366/" }, { "category": "self", "summary": "SUSE CVE CVE-2023-3592 page", "url": "https://www.suse.com/security/cve/CVE-2023-3592/" } ], "title": "libmosquitto1-2.0.18-1.1 on GA media", "tracking": { "current_release_date": "2024-06-15T00:00:00Z", "generator": { "date": "2024-06-15T00:00:00Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "openSUSE-SU-2024:13546-1", "initial_release_date": "2024-06-15T00:00:00Z", "revision_history": [ { "date": "2024-06-15T00:00:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "libmosquitto1-2.0.18-1.1.aarch64", "product": { "name": "libmosquitto1-2.0.18-1.1.aarch64", "product_id": "libmosquitto1-2.0.18-1.1.aarch64" } }, { "category": "product_version", "name": "libmosquittopp1-2.0.18-1.1.aarch64", "product": { "name": "libmosquittopp1-2.0.18-1.1.aarch64", "product_id": "libmosquittopp1-2.0.18-1.1.aarch64" } }, { "category": "product_version", "name": "mosquitto-2.0.18-1.1.aarch64", "product": { "name": "mosquitto-2.0.18-1.1.aarch64", "product_id": "mosquitto-2.0.18-1.1.aarch64" } }, { "category": "product_version", "name": "mosquitto-clients-2.0.18-1.1.aarch64", "product": { "name": "mosquitto-clients-2.0.18-1.1.aarch64", "product_id": "mosquitto-clients-2.0.18-1.1.aarch64" } }, { "category": "product_version", "name": "mosquitto-devel-2.0.18-1.1.aarch64", "product": { "name": "mosquitto-devel-2.0.18-1.1.aarch64", "product_id": "mosquitto-devel-2.0.18-1.1.aarch64" } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "libmosquitto1-2.0.18-1.1.ppc64le", "product": { "name": "libmosquitto1-2.0.18-1.1.ppc64le", "product_id": "libmosquitto1-2.0.18-1.1.ppc64le" } }, { "category": "product_version", "name": "libmosquittopp1-2.0.18-1.1.ppc64le", "product": { "name": "libmosquittopp1-2.0.18-1.1.ppc64le", "product_id": "libmosquittopp1-2.0.18-1.1.ppc64le" } }, { "category": "product_version", "name": "mosquitto-2.0.18-1.1.ppc64le", "product": { "name": "mosquitto-2.0.18-1.1.ppc64le", "product_id": "mosquitto-2.0.18-1.1.ppc64le" } }, { "category": "product_version", "name": "mosquitto-clients-2.0.18-1.1.ppc64le", "product": { "name": "mosquitto-clients-2.0.18-1.1.ppc64le", "product_id": "mosquitto-clients-2.0.18-1.1.ppc64le" } }, { "category": "product_version", "name": "mosquitto-devel-2.0.18-1.1.ppc64le", "product": { "name": "mosquitto-devel-2.0.18-1.1.ppc64le", "product_id": "mosquitto-devel-2.0.18-1.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "libmosquitto1-2.0.18-1.1.s390x", "product": { "name": "libmosquitto1-2.0.18-1.1.s390x", "product_id": "libmosquitto1-2.0.18-1.1.s390x" } }, { "category": "product_version", "name": "libmosquittopp1-2.0.18-1.1.s390x", "product": { "name": "libmosquittopp1-2.0.18-1.1.s390x", "product_id": "libmosquittopp1-2.0.18-1.1.s390x" } }, { "category": "product_version", "name": "mosquitto-2.0.18-1.1.s390x", "product": { "name": "mosquitto-2.0.18-1.1.s390x", "product_id": "mosquitto-2.0.18-1.1.s390x" } }, { "category": "product_version", "name": "mosquitto-clients-2.0.18-1.1.s390x", "product": { "name": "mosquitto-clients-2.0.18-1.1.s390x", "product_id": "mosquitto-clients-2.0.18-1.1.s390x" } }, { "category": "product_version", "name": "mosquitto-devel-2.0.18-1.1.s390x", "product": { "name": "mosquitto-devel-2.0.18-1.1.s390x", "product_id": "mosquitto-devel-2.0.18-1.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "libmosquitto1-2.0.18-1.1.x86_64", "product": { "name": "libmosquitto1-2.0.18-1.1.x86_64", "product_id": "libmosquitto1-2.0.18-1.1.x86_64" } }, { "category": "product_version", "name": "libmosquittopp1-2.0.18-1.1.x86_64", "product": { "name": "libmosquittopp1-2.0.18-1.1.x86_64", "product_id": "libmosquittopp1-2.0.18-1.1.x86_64" } }, { "category": "product_version", "name": "mosquitto-2.0.18-1.1.x86_64", "product": { "name": "mosquitto-2.0.18-1.1.x86_64", "product_id": "mosquitto-2.0.18-1.1.x86_64" } }, { "category": "product_version", "name": "mosquitto-clients-2.0.18-1.1.x86_64", "product": { "name": "mosquitto-clients-2.0.18-1.1.x86_64", "product_id": "mosquitto-clients-2.0.18-1.1.x86_64" } }, { "category": "product_version", "name": "mosquitto-devel-2.0.18-1.1.x86_64", "product": { "name": "mosquitto-devel-2.0.18-1.1.x86_64", "product_id": "mosquitto-devel-2.0.18-1.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "openSUSE Tumbleweed", "product": { "name": "openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed", "product_identification_helper": { "cpe": "cpe:/o:opensuse:tumbleweed" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libmosquitto1-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64" }, "product_reference": "libmosquitto1-2.0.18-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquitto1-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le" }, "product_reference": "libmosquitto1-2.0.18-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquitto1-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x" }, "product_reference": "libmosquitto1-2.0.18-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquitto1-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64" }, "product_reference": "libmosquitto1-2.0.18-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquittopp1-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64" }, "product_reference": "libmosquittopp1-2.0.18-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquittopp1-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le" }, "product_reference": "libmosquittopp1-2.0.18-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquittopp1-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x" }, "product_reference": "libmosquittopp1-2.0.18-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "libmosquittopp1-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64" }, "product_reference": "libmosquittopp1-2.0.18-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64" }, "product_reference": "mosquitto-2.0.18-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le" }, "product_reference": "mosquitto-2.0.18-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x" }, "product_reference": "mosquitto-2.0.18-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64" }, "product_reference": "mosquitto-2.0.18-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-clients-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64" }, "product_reference": "mosquitto-clients-2.0.18-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-clients-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le" }, "product_reference": "mosquitto-clients-2.0.18-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-clients-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x" }, "product_reference": "mosquitto-clients-2.0.18-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-clients-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64" }, "product_reference": "mosquitto-clients-2.0.18-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-devel-2.0.18-1.1.aarch64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64" }, "product_reference": "mosquitto-devel-2.0.18-1.1.aarch64", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-devel-2.0.18-1.1.ppc64le as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le" }, "product_reference": "mosquitto-devel-2.0.18-1.1.ppc64le", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-devel-2.0.18-1.1.s390x as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x" }, "product_reference": "mosquitto-devel-2.0.18-1.1.s390x", "relates_to_product_reference": "openSUSE Tumbleweed" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-devel-2.0.18-1.1.x86_64 as component of openSUSE Tumbleweed", "product_id": "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" }, "product_reference": "mosquitto-devel-2.0.18-1.1.x86_64", "relates_to_product_reference": "openSUSE Tumbleweed" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0809", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-0809" } ], "notes": [ { "category": "general", "text": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-0809", "url": "https://www.suse.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "SUSE Bug 1215865 for CVE-2023-0809", "url": "https://bugzilla.suse.com/1215865" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "moderate" } ], "title": "CVE-2023-0809" }, { "cve": "CVE-2023-28366", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-28366" } ], "notes": [ { "category": "general", "text": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-28366", "url": "https://www.suse.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "SUSE Bug 1214918 for CVE-2023-28366", "url": "https://bugzilla.suse.com/1214918" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2023-28366" }, { "cve": "CVE-2023-3592", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2023-3592" } ], "notes": [ { "category": "general", "text": "In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.", "title": "CVE description" } ], "product_status": { "recommended": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2023-3592", "url": "https://www.suse.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "SUSE Bug 1215864 for CVE-2023-3592", "url": "https://bugzilla.suse.com/1215864" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquitto1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.s390x", "openSUSE Tumbleweed:libmosquittopp1-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-clients-2.0.18-1.1.x86_64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.aarch64", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.ppc64le", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.s390x", "openSUSE Tumbleweed:mosquitto-devel-2.0.18-1.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2024-06-15T00:00:00Z", "details": "important" } ], "title": "CVE-2023-3592" } ] }
gsd-2023-0809
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2023-0809", "id": "GSD-2023-0809" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-0809" ], "details": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.", "id": "GSD-2023-0809", "modified": "2023-12-13T01:20:23.021547Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@eclipse.org", "ID": "CVE-2023-0809", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Mosquitto", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "0", "version_value": "2.0.16" } ] } } ] }, "vendor_name": "Eclipse" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets." } ] }, "generator": { "engine": "SecretariatVulnogram 0.1.0-dev" }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-789", "lang": "eng", "value": "CWE-789" } ] } ] }, "references": { "reference_data": [ { "name": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/", "refsource": "MISC", "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "name": "https://security.gentoo.org/glsa/202401-09", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/202401-09" } ] }, "source": { "discovery": "UNKNOWN" } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*", "matchCriteriaId": "C744F41F-1469-4455-8C1C-B06373070721", "versionEndExcluding": "2.0.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets." }, { "lang": "es", "value": "En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en funci\u00f3n de paquetes iniciales maliciosos que no son paquetes CONNECT." } ], "id": "CVE-2023-0809", "lastModified": "2024-01-07T10:15:08.310", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "emo@eclipse.org", "type": "Secondary" } ] }, "published": "2023-10-02T19:15:09.717", "references": [ { "source": "emo@eclipse.org", "tags": [ "Release Notes" ], "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "source": "emo@eclipse.org", "url": "https://security.gentoo.org/glsa/202401-09" } ], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-770" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-789" } ], "source": "emo@eclipse.org", "type": "Secondary" } ] } } } }
rhsa-2024_1061
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don\u0027t get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1061", "url": "https://access.redhat.com/errata/RHSA-2024:1061" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003" }, { "category": "external", "summary": "2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2257299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257299" }, { "category": "external", "summary": "2257300", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257300" }, { "category": "external", "summary": "2257302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257302" }, { "category": "external", "summary": "2257314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257314" }, { "category": "external", "summary": "2257316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257316" }, { "category": "external", "summary": "2260526", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260526" }, { "category": "external", "summary": "2264354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264354" }, { "category": "external", "summary": "2264918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264918" }, { "category": "external", "summary": "2265149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265149" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json" } ], "title": "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", "tracking": { "current_release_date": "2024-11-24T12:31:15+00:00", "generator": { "date": "2024-11-24T12:31:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:1061", "initial_release_date": "2024-02-29T20:37:45+00:00", "revision_history": [ { "date": "2024-02-29T20:37:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-29T20:37:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-24T12:31:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_maintenance:6.13::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product_id": "createrepo_c-0:1.0.2-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.src", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.src", "product_id": "foreman-0:3.5.1.24-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_id": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.src", "product": { "name": "satellite-0:6.13.7-1.el8sat.src", "product_id": "satellite-0:6.13.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product_id": "satellite-clone-0:3.5.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_id": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_id": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Fernando Velazquez" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2022-4130", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145254" } ], "notes": [ { "category": "description", "text": "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker\u0027s server by modifying the Referer header in an HTTP request of specific resources in the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "satellite: Blind SSRF via Referer header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4130" }, { "category": "external", "summary": "RHBZ#2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4130", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4130" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130" } ], "release_date": "2023-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "satellite: Blind SSRF via Referer header" }, { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4886", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-08-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2230135" } ], "notes": [ { "category": "description", "text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.", "title": "Vulnerability description" }, { "category": "summary", "text": "foreman: World readable file containing secrets", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4886" }, { "category": "external", "summary": "RHBZ#2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886" } ], "release_date": "2023-10-03T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "foreman: World readable file containing secrets" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" } ] }
rhsa-2024:0797
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - \u0027Sun, 11 Jun 2023 17:51:29 GMT\u0027 could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format \u003cparent_device\u003e.\u003cvlan_id\u003e in addition to vlan\u003cvlan_id\u003e\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don\u0027t get an origin\n2257329 - Host registration fails with error \"Attached to can\u0027t be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for \u0027registered_through\u0027\n2257332 - Registration can\u0027t find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0797", "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "2250347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250347" }, { "category": "external", "summary": "2254974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254974" }, { "category": "external", "summary": "2255260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255260" }, { "category": "external", "summary": "2257321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257321" }, { "category": "external", "summary": "2257324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257324" }, { "category": "external", "summary": "2257326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257326" }, { "category": "external", "summary": "2257327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257327" }, { "category": "external", "summary": "2257329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257329" }, { "category": "external", "summary": "2257330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257330" }, { "category": "external", "summary": "2257331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257331" }, { "category": "external", "summary": "2257332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257332" }, { "category": "external", "summary": "2257415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257415" }, { "category": "external", "summary": "2260525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260525" }, { "category": "external", "summary": "2262131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262131" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json" } ], "title": "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", "tracking": { "current_release_date": "2025-10-09T23:04:36+00:00", "generator": { "date": "2025-10-09T23:04:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2024:0797", "initial_release_date": "2024-02-13T14:45:57+00:00", "revision_history": [ { "date": "2024-02-13T14:45:57+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-13T14:45:57+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-09T23:04:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.14::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.src", "product": { "name": "candlepin-0:4.3.11-1.el8sat.src", "product_id": "candlepin-0:4.3.11-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.src", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.src", "product_id": "foreman-0:3.7.0.11-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product_id": "puppet-agent-0:7.27.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.src", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.src", "product_id": "puppetserver-0:7.14.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.src", "product": { "name": "satellite-0:6.14.2-1.el8sat.src", "product_id": "satellite-0:6.14.2-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_id": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_id": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4785", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239017" } ], "notes": [ { "category": "description", "text": "A flaw was found in gRPC. Lack of error handling in the TCP server in Google\u0027s gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "gRPC: file descriptor exhaustion leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4785" }, { "category": "external", "summary": "RHBZ#2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4785", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", "url": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33656", "url": "https://github.com/grpc/grpc/pull/33656" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33667", "url": "https://github.com/grpc/grpc/pull/33667" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33669", "url": "https://github.com/grpc/grpc/pull/33669" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33670", "url": "https://github.com/grpc/grpc/pull/33670" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33672", "url": "https://github.com/grpc/grpc/pull/33672" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gRPC: file descriptor exhaustion leads to denial of service" }, { "cve": "CVE-2023-26049", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2023-08-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236341" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26049" }, { "category": "external", "summary": "RHBZ#2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26049" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c" } ], "release_date": "2023-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies" }, { "cve": "CVE-2023-26141", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239010" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "sidekiq: DoS in dashboard-charts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26141" }, { "category": "external", "summary": "RHBZ#2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26141", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26141" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141" }, { "category": "external", "summary": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", "url": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sidekiq: DoS in dashboard-charts" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-36479", "cwe": { "id": "CWE-149", "name": "Improper Neutralization of Quoting Syntax" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239630" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-36479" }, { "category": "external", "summary": "RHBZ#2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet" }, { "acknowledgments": [ { "names": [ "Jay Satiro" ] } ], "cve": "CVE-2023-38545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-10-03T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2241933" } ], "notes": [ { "category": "description", "text": "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: heap based buffer overflow in the SOCKS5 proxy handshake", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-38545" }, { "category": "external", "summary": "RHBZ#2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-38545", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-38545.html", "url": "https://curl.se/docs/CVE-2023-38545.html" } ], "release_date": "2023-10-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "workaround", "details": "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "curl: heap based buffer overflow in the SOCKS5 proxy handshake" }, { "cve": "CVE-2023-40167", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239634" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper validation of HTTP/1 content-length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40167" }, { "category": "external", "summary": "RHBZ#2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6" }, { "category": "external", "summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", "url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Improper validation of HTTP/1 content-length" }, { "cve": "CVE-2023-40175", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2023-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2232729" } ], "notes": [ { "category": "description", "text": "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40175" }, { "category": "external", "summary": "RHBZ#2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40175", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175" }, { "category": "external", "summary": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", "url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8" } ], "release_date": "2023-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers" } ] }
RHSA-2024:0797
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - \u0027Sun, 11 Jun 2023 17:51:29 GMT\u0027 could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format \u003cparent_device\u003e.\u003cvlan_id\u003e in addition to vlan\u003cvlan_id\u003e\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don\u0027t get an origin\n2257329 - Host registration fails with error \"Attached to can\u0027t be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for \u0027registered_through\u0027\n2257332 - Registration can\u0027t find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0797", "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "2250347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250347" }, { "category": "external", "summary": "2254974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254974" }, { "category": "external", "summary": "2255260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255260" }, { "category": "external", "summary": "2257321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257321" }, { "category": "external", "summary": "2257324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257324" }, { "category": "external", "summary": "2257326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257326" }, { "category": "external", "summary": "2257327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257327" }, { "category": "external", "summary": "2257329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257329" }, { "category": "external", "summary": "2257330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257330" }, { "category": "external", "summary": "2257331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257331" }, { "category": "external", "summary": "2257332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257332" }, { "category": "external", "summary": "2257415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257415" }, { "category": "external", "summary": "2260525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260525" }, { "category": "external", "summary": "2262131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262131" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json" } ], "title": "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", "tracking": { "current_release_date": "2025-10-09T23:04:36+00:00", "generator": { "date": "2025-10-09T23:04:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2024:0797", "initial_release_date": "2024-02-13T14:45:57+00:00", "revision_history": [ { "date": "2024-02-13T14:45:57+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-13T14:45:57+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-09T23:04:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.14::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.src", "product": { "name": "candlepin-0:4.3.11-1.el8sat.src", "product_id": "candlepin-0:4.3.11-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.src", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.src", "product_id": "foreman-0:3.7.0.11-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product_id": "puppet-agent-0:7.27.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.src", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.src", "product_id": "puppetserver-0:7.14.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.src", "product": { "name": "satellite-0:6.14.2-1.el8sat.src", "product_id": "satellite-0:6.14.2-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_id": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_id": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4785", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239017" } ], "notes": [ { "category": "description", "text": "A flaw was found in gRPC. Lack of error handling in the TCP server in Google\u0027s gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "gRPC: file descriptor exhaustion leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4785" }, { "category": "external", "summary": "RHBZ#2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4785", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", "url": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33656", "url": "https://github.com/grpc/grpc/pull/33656" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33667", "url": "https://github.com/grpc/grpc/pull/33667" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33669", "url": "https://github.com/grpc/grpc/pull/33669" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33670", "url": "https://github.com/grpc/grpc/pull/33670" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33672", "url": "https://github.com/grpc/grpc/pull/33672" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gRPC: file descriptor exhaustion leads to denial of service" }, { "cve": "CVE-2023-26049", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2023-08-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236341" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26049" }, { "category": "external", "summary": "RHBZ#2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26049" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c" } ], "release_date": "2023-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies" }, { "cve": "CVE-2023-26141", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239010" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "sidekiq: DoS in dashboard-charts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26141" }, { "category": "external", "summary": "RHBZ#2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26141", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26141" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141" }, { "category": "external", "summary": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", "url": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sidekiq: DoS in dashboard-charts" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-36479", "cwe": { "id": "CWE-149", "name": "Improper Neutralization of Quoting Syntax" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239630" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-36479" }, { "category": "external", "summary": "RHBZ#2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet" }, { "acknowledgments": [ { "names": [ "Jay Satiro" ] } ], "cve": "CVE-2023-38545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-10-03T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2241933" } ], "notes": [ { "category": "description", "text": "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: heap based buffer overflow in the SOCKS5 proxy handshake", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-38545" }, { "category": "external", "summary": "RHBZ#2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-38545", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-38545.html", "url": "https://curl.se/docs/CVE-2023-38545.html" } ], "release_date": "2023-10-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "workaround", "details": "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "curl: heap based buffer overflow in the SOCKS5 proxy handshake" }, { "cve": "CVE-2023-40167", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239634" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper validation of HTTP/1 content-length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40167" }, { "category": "external", "summary": "RHBZ#2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6" }, { "category": "external", "summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", "url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Improper validation of HTTP/1 content-length" }, { "cve": "CVE-2023-40175", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2023-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2232729" } ], "notes": [ { "category": "description", "text": "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40175" }, { "category": "external", "summary": "RHBZ#2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40175", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175" }, { "category": "external", "summary": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", "url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8" } ], "release_date": "2023-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers" } ] }
rhsa-2024:1061
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don\u0027t get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1061", "url": "https://access.redhat.com/errata/RHSA-2024:1061" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003" }, { "category": "external", "summary": "2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2257299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257299" }, { "category": "external", "summary": "2257300", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257300" }, { "category": "external", "summary": "2257302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257302" }, { "category": "external", "summary": "2257314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257314" }, { "category": "external", "summary": "2257316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257316" }, { "category": "external", "summary": "2260526", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260526" }, { "category": "external", "summary": "2264354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264354" }, { "category": "external", "summary": "2264918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264918" }, { "category": "external", "summary": "2265149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265149" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json" } ], "title": "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", "tracking": { "current_release_date": "2025-10-09T23:04:36+00:00", "generator": { "date": "2025-10-09T23:04:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2024:1061", "initial_release_date": "2024-02-29T20:37:45+00:00", "revision_history": [ { "date": "2024-02-29T20:37:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-29T20:37:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-09T23:04:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_maintenance:6.13::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product_id": "createrepo_c-0:1.0.2-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.src", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.src", "product_id": "foreman-0:3.5.1.24-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_id": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.src", "product": { "name": "satellite-0:6.13.7-1.el8sat.src", "product_id": "satellite-0:6.13.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product_id": "satellite-clone-0:3.5.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_id": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_id": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Fernando Velazquez" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2022-4130", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145254" } ], "notes": [ { "category": "description", "text": "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker\u0027s server by modifying the Referer header in an HTTP request of specific resources in the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "satellite: Blind SSRF via Referer header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4130" }, { "category": "external", "summary": "RHBZ#2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4130", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4130" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130" } ], "release_date": "2023-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "satellite: Blind SSRF via Referer header" }, { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4886", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-08-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2230135" } ], "notes": [ { "category": "description", "text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.", "title": "Vulnerability description" }, { "category": "summary", "text": "foreman: World readable file containing secrets", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4886" }, { "category": "external", "summary": "RHBZ#2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886" } ], "release_date": "2023-10-03T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "foreman: World readable file containing secrets" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" } ] }
RHSA-2024:1061
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Satellite 6.13 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations to\nconfigure and maintain their systems without the necessity to provide public\nInternet access to their servers or other client systems. It performs\nprovisioning and configuration management of predefined standard operating\nenvironments.\n\nSecurity Fix(es):\n\n* satellite: Blind SSRF via Referer header (CVE-2022-4130)\n\n* mosquitto: memory leak leads to unresponsive broker (CVE-2023-0809, CVE-2023-28366, CVE-2023-3592)\n\n* foreman: World readable file containing secrets (CVE-2023-4886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Long running postgres threads during content-export (BZ#2257299)\n\n* After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync (BZ#2257300)\n\n* Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user (BZ#2257302)\n\n* Puppet reports without any messages don\u0027t get an origin (BZ#2257314)\n\n* Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". (BZ#2257316)\n\n* [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync (BZ#2260526)\n\n* Support Satellite Clone running on Python 3.12 (BZ#2264354)\n\n* Support Satellite Ansible Collection running on Python 3.12 (BZ#2264918)\n\n* Unable to sync library/busybox from gcr.io (BZ#2265149)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1061", "url": "https://access.redhat.com/errata/RHSA-2024:1061" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003" }, { "category": "external", "summary": "2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2257299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257299" }, { "category": "external", "summary": "2257300", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257300" }, { "category": "external", "summary": "2257302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257302" }, { "category": "external", "summary": "2257314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257314" }, { "category": "external", "summary": "2257316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257316" }, { "category": "external", "summary": "2260526", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260526" }, { "category": "external", "summary": "2264354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264354" }, { "category": "external", "summary": "2264918", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264918" }, { "category": "external", "summary": "2265149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265149" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1061.json" } ], "title": "Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update", "tracking": { "current_release_date": "2025-10-09T23:04:36+00:00", "generator": { "date": "2025-10-09T23:04:36+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.9" } }, "id": "RHSA-2024:1061", "initial_release_date": "2024-02-29T20:37:45+00:00", "revision_history": [ { "date": "2024-02-29T20:37:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-29T20:37:45+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-10-09T23:04:36+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.13::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.13 for RHEL 8", "product": { "name": "Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_maintenance:6.13::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.src", "product_id": "createrepo_c-0:1.0.2-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.src", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.src", "product_id": "foreman-0:3.5.1.24-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_id": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.19-2.el8pc?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.src", "product": { "name": "satellite-0:6.13.7-1.el8sat.src", "product_id": "satellite-0:6.13.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.src", "product_id": "satellite-clone-0:3.5.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_id": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.5.1.24-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.5.2.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_id": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.19-2.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.0.5-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_id": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_leapp@0.1.13-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.7.0.36-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-common-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_id": "satellite-cli-0:6.13.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.13.7-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_id": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-collection-redhat-satellite@3.9.0-3.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_id": "satellite-clone-0:3.5.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-clone@3.5.0-1.el8sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-clone-0:3.5.0-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src" }, "product_reference": "satellite-clone-0:3.5.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-maintenance" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13-utils" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src" }, "product_reference": "ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.5.1.24-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" }, "product_reference": "foreman-0:3.5.1.24-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.5.2.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.5.2.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-rpm-0:3.18.19-2.el8pc.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src" }, "product_reference": "python-pulp-rpm-0:3.18.19-2.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64" }, "product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch" }, "product_reference": "python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src" }, "product_reference": "rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.7.0.36-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.7.0.36-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.13.7-1.el8sat.src as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src" }, "product_reference": "satellite-0:6.13.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.13.7-1.el8sat.noarch as a component of Red Hat Satellite 6.13 for RHEL 8", "product_id": "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.13.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.13" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Fernando Velazquez" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2022-4130", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2022-11-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2145254" } ], "notes": [ { "category": "description", "text": "A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker\u0027s server by modifying the Referer header in an HTTP request of specific resources in the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "satellite: Blind SSRF via Referer header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4130" }, { "category": "external", "summary": "RHBZ#2145254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145254" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4130", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4130" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4130" } ], "release_date": "2023-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "satellite: Blind SSRF via Referer header" }, { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4886", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2023-08-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2230135" } ], "notes": [ { "category": "description", "text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.", "title": "Vulnerability description" }, { "category": "summary", "text": "foreman: World readable file containing secrets", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4886" }, { "category": "external", "summary": "RHBZ#2230135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886" } ], "release_date": "2023-10-03T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "foreman: World readable file containing secrets" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-29T20:37:45+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.6/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts", "product_ids": [ "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1061" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13-capsule:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13-capsule:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13-capsule:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13-capsule:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-capsule:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-capsule:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.noarch", "8Base-satellite-6.13-maintenance:satellite-clone-0:3.5.0-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13-utils:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13-utils:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13-utils:satellite-common-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.noarch", "8Base-satellite-6.13:ansible-collection-redhat-satellite-0:3.9.0-3.el8sat.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.src", "8Base-satellite-6.13:createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-0:3.5.1.24-1.el8sat.src", "8Base-satellite-6.13:foreman-cli-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-debug-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-dynflow-sidekiq-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ec2-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-installer-1:3.5.2.7-1.el8sat.src", "8Base-satellite-6.13:foreman-installer-katello-1:3.5.2.7-1.el8sat.noarch", "8Base-satellite-6.13:foreman-journald-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-libvirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-openstack-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-ovirt-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-postgresql-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-service-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-telemetry-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:foreman-vmware-0:3.5.1.24-1.el8sat.noarch", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.13:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.13:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.13:python-pulp-rpm-0:3.18.19-2.el8pc.src", "8Base-satellite-6.13:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64", "8Base-satellite-6.13:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.13:python39-pulp-rpm-0:3.18.19-2.el8pc.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_bootdisk-0:21.0.5-1.el8sat.src", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.noarch", "8Base-satellite-6.13:rubygem-foreman_leapp-0:0.1.13-2.el8sat.src", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.noarch", "8Base-satellite-6.13:rubygem-katello-0:4.7.0.36-1.el8sat.src", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-0:6.13.7-1.el8sat.src", "8Base-satellite-6.13:satellite-capsule-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-cli-0:6.13.7-1.el8sat.noarch", "8Base-satellite-6.13:satellite-common-0:6.13.7-1.el8sat.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" } ] }
rhsa-2024_0797
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n* CVE-2023-26049 (puppetserver): Cookie parsing of quoted values can exfiltrate values from other cookies\n* CVE-2023-26141 (rubygem-sidekiq): Denial of Service (DoS) in dashboard-charts\n* CVE-2023-36479 (puppetserver): Improper addition of quotation marks to user inputs in CgiServlet\n* CVE-2023-38545 (puppet-agent): Heap-based buffer overflow in the SOCKS5 proxy handshake\n* CVE-2023-40167 (puppetserver): Improper validation of HTTP/1 content-length\n* CVE-2023-40175 (rubygem-puma): HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers\n* CVE-2023-4785 (rubygem-grpc): File descriptor exhaustion leads to denial of service\n* CVE-2023-0809, CVE-2023-28366, CVE-2023-3592 (mosquitto): Memory leak leads to unresponsive broker\n\nThis update fixes the following bugs:\n2250347 - \u0027Sun, 11 Jun 2023 17:51:29 GMT\u0027 could not be parsed at index 0 at java.time.format.DateTimeFormatter.parseResolved\n2254974 - satellite-convert2rhel-toolkit install fails on latest rpm with `/usr/bin/bash: /usr/libexec/satellite-convert2rhel-appliance/action-install.sh: No such file or directory`\n2255260 - 6.14 - satellite-convert2rhel-toolkit is part of the satellite module\n2257321 - Request for UEFI Kickstart Provisioning to handle naming convention for VLAN tagged interfaces of the format \u003cparent_device\u003e.\u003cvlan_id\u003e in addition to vlan\u003cvlan_id\u003e\n2257324 - Generate applicability tasks fails with error \"ERROR: insert or update on table \"katello_content_facet_errata\" violates foreign key constraint \"katello_content_facet_errata_ca_id\"\n2257326 - Show failed resources in failed installation report\n2257327 - Puppet reports without any messages don\u0027t get an origin\n2257329 - Host registration fails with error \"Attached to can\u0027t be blank\" when the VLAN name includes UPPERCASE letters\n2257330 - default tuning profile leaves httpd MaxClients 150 which httpd raises a warning\n2257331 - Registering host through load balancer causes REX not to know what capsule to choose for \u0027registered_through\u0027\n2257332 - Registration can\u0027t find any Capsules when their locations are not assigned to admin user\n2257415 - Provisioning vm host fails with error \"Failed to attach ISO image to CDROM drive of instance client.example.com: InvalidPowerState: The attempted operation cannot be performed in the current state (Powered on)\". \n2260525 - [Improvement] RefreshRepos step in Capsule Sync to refresh just repos to sync \n2262131 - Unable to sync library/busybox from gcr.io \n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:0797", "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_and_updating_red_hat_satellite/index" }, { "category": "external", "summary": "2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "2250347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250347" }, { "category": "external", "summary": "2254974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254974" }, { "category": "external", "summary": "2255260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255260" }, { "category": "external", "summary": "2257321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257321" }, { "category": "external", "summary": "2257324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257324" }, { "category": "external", "summary": "2257326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257326" }, { "category": "external", "summary": "2257327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257327" }, { "category": "external", "summary": "2257329", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257329" }, { "category": "external", "summary": "2257330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257330" }, { "category": "external", "summary": "2257331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257331" }, { "category": "external", "summary": "2257332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257332" }, { "category": "external", "summary": "2257415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257415" }, { "category": "external", "summary": "2260525", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260525" }, { "category": "external", "summary": "2262131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262131" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0797.json" } ], "title": "Red Hat Security Advisory: Satellite 6.14.2 Async Security Update", "tracking": { "current_release_date": "2024-12-10T16:44:47+00:00", "generator": { "date": "2024-12-10T16:44:47+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:0797", "initial_release_date": "2024-02-13T14:45:57+00:00", "revision_history": [ { "date": "2024-02-13T14:45:57+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-02-13T14:45:57+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T16:44:47+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.14 for RHEL 8", "product": { "name": "Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.14::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_id": "python-pulp-container-0:2.14.11-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-container@2.14.11-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.src", "product": { "name": "candlepin-0:4.3.11-1.el8sat.src", "product_id": "candlepin-0:4.3.11-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.src", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.src", "product_id": "foreman-0:3.7.0.11-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.src", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.src", "product_id": "mosquitto-0:2.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.src", "product_id": "puppet-agent-0:7.27.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.src", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.src", "product_id": "puppetserver-0:7.14.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.src", "product": { "name": "satellite-0:6.14.2-1.el8sat.src", "product_id": "satellite-0:6.14.2-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.21-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_id": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-container@2.14.11-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_id": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin-selinux@4.3.11-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-redis@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_id": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.11-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_id": "puppetserver-0:7.14.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppetserver@7.14.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_id": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_bootdisk@21.2.1-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_id": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-kafo@7.2.0-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_id": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-sidekiq@6.5.12-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-cli-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-common-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.14.2-1.el8sat.noarch", "product": { "name": "satellite-0:6.14.2-1.el8sat.noarch", "product_id": "satellite-0:6.14.2-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.14.2-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.7-1.el8sat?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debugsource@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_id": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/mosquitto-debuginfo@2.0.17-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_id": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/puppet-agent@7.27.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debugsource@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_id": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-google-protobuf-debuginfo@3.24.3-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_id": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-grpc@1.58.0-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debugsource@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_id": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@6.3.1-1.el8sat?arch=x86_64" } } }, { "category": "product_version", "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_id": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.1-1.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14-utils" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:4.3.11-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src" }, "product_reference": "candlepin-0:4.3.11-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-selinux-0:4.3.11-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" }, "product_reference": "candlepin-selinux-0:4.3.11-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.7.0.11-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src" }, "product_reference": "foreman-0:3.7.0.11-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.7.0.7-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.7.0.7-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-service-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" }, "product_reference": "mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppet-agent-0:7.27.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" }, "product_reference": "puppet-agent-0:7.27.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "puppetserver-0:7.14.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" }, "product_reference": "puppetserver-0:7.14.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-container-0:2.14.11-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src" }, "product_reference": "python-pulp-container-0:2.14.11-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-container-0:2.14.11-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch" }, "product_reference": "python39-pulp-container-0:2.14.11-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src" }, "product_reference": "rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64" }, "product_reference": "rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" }, "product_reference": "rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-kafo-0:7.2.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src" }, "product_reference": "rubygem-kafo-0:7.2.0-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.9.0.21-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.9.0.21-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" }, "product_reference": "rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-sidekiq-0:6.5.12-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" }, "product_reference": "rubygem-sidekiq-0:6.5.12-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.14.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src" }, "product_reference": "satellite-0:6.14.2-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.14.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch" }, "product_reference": "satellite-common-0:6.14.2-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.14" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8", "product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" }, "product_reference": "satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.14" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0809" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-3592" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3592" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-4785", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239017" } ], "notes": [ { "category": "description", "text": "A flaw was found in gRPC. Lack of error handling in the TCP server in Google\u0027s gRPC, starting in version 1.23 on POSIX-compatible platforms (for example, Linux), allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "gRPC: file descriptor exhaustion leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-4785" }, { "category": "external", "summary": "RHBZ#2239017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239017" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4785", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4785" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr", "url": "https://github.com/advisories/GHSA-p25m-jpj4-qcrr" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33656", "url": "https://github.com/grpc/grpc/pull/33656" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33667", "url": "https://github.com/grpc/grpc/pull/33667" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33669", "url": "https://github.com/grpc/grpc/pull/33669" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33670", "url": "https://github.com/grpc/grpc/pull/33670" }, { "category": "external", "summary": "https://github.com/grpc/grpc/pull/33672", "url": "https://github.com/grpc/grpc/pull/33672" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gRPC: file descriptor exhaustion leads to denial of service" }, { "cve": "CVE-2023-26049", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2023-08-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236341" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26049" }, { "category": "external", "summary": "RHBZ#2236341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26049" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c" } ], "release_date": "2023-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies" }, { "cve": "CVE-2023-26141", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-09-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239010" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in Sidekiq. This flaw allows an attacker to manipulate the localStorage value in the dashboard-charts.js file and cause excessive polling requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "sidekiq: DoS in dashboard-charts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26141" }, { "category": "external", "summary": "RHBZ#2239010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26141", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26141" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26141" }, { "category": "external", "summary": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89", "url": "https://github.com/sidekiq/sidekiq/commit/62c90d7c5a7d8a378d79909859d87c2e0702bf89" } ], "release_date": "2023-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sidekiq: DoS in dashboard-charts" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2023-09-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2236882" } ], "notes": [ { "category": "description", "text": "A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "mosquitto: memory leak leads to unresponsive broker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28366" }, { "category": "external", "summary": "RHBZ#2236882", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236882" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28366" }, { "category": "external", "summary": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9", "url": "https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9" } ], "release_date": "2023-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mosquitto: memory leak leads to unresponsive broker" }, { "cve": "CVE-2023-36479", "cwe": { "id": "CWE-149", "name": "Improper Neutralization of Quoting Syntax" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239630" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty\u0027s CGI servlet which permits incorrect command execution in specific circumstances such as requests with certain characters in requested filenames. This issue could allow an attacker to run permitted commands other than the one requested.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper addition of quotation marks to user inputs in CgiServlet", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-36479" }, { "category": "external", "summary": "RHBZ#2239630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239630" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-36479", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36479" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jetty: Improper addition of quotation marks to user inputs in CgiServlet" }, { "acknowledgments": [ { "names": [ "Jay Satiro" ] } ], "cve": "CVE-2023-38545", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-10-03T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2241933" } ], "notes": [ { "category": "description", "text": "A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then Curl switches to the local name resolving and passes the resolved address only to the proxy. The local variable that instructs Curl to \"let the host resolve the name\" could obtain the wrong value during a slow SOCKS5 handshake, resulting in the too-long hostname being copied to the target buffer instead of the resolved address, which was not the intended behavior.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: heap based buffer overflow in the SOCKS5 proxy handshake", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw does not affect the versions of curl as shipped with Red Hat Enterprise Linux 6, 7, and 8.\n\nAn overflow is only possible in applications that do not set `CURLOPT_BUFFERSIZE`, or set it smaller than approximately 65kB. Since the curl tool sets `CURLOPT_BUFFERSIZE` to 100kB by default, it is not vulnerable unless rate limiting was set by the user to a size smaller than 65kB.\n\nKnowledgebase article:\n\nhttps://access.redhat.com/solutions/7045099", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-38545" }, { "category": "external", "summary": "RHBZ#2241933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-38545", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545" }, { "category": "external", "summary": "https://curl.se/docs/CVE-2023-38545.html", "url": "https://curl.se/docs/CVE-2023-38545.html" } ], "release_date": "2023-10-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" }, { "category": "workaround", "details": "To avoid this issue, we recommend you do not use `CURLPROXY_SOCKS5_HOSTNAME` proxies with curl. Also do not set a proxy environment variable to socks5h://", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "curl: heap based buffer overflow in the SOCKS5 proxy handshake" }, { "cve": "CVE-2023-40167", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2023-09-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239634" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Improper validation of HTTP/1 content-length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40167" }, { "category": "external", "summary": "RHBZ#2239634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167" }, { "category": "external", "summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6" }, { "category": "external", "summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6", "url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6" } ], "release_date": "2023-09-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Improper validation of HTTP/1 content-length" }, { "cve": "CVE-2023-40175", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2023-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2232729" } ], "notes": [ { "category": "description", "text": "An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-40175" }, { "category": "external", "summary": "RHBZ#2232729", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232729" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-40175", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40175" }, { "category": "external", "summary": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8", "url": "https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8" } ], "release_date": "2023-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-02-13T14:45:57+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:0797" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14-capsule:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14-capsule:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14-capsule:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14-capsule:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14-capsule:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-capsule:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14-utils:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:candlepin-0:4.3.11-1.el8sat.src", "8Base-satellite-6.14:candlepin-selinux-0:4.3.11-1.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-0:3.7.0.11-2.el8sat.src", "8Base-satellite-6.14:foreman-cli-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-debug-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ec2-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-installer-1:3.7.0.7-1.el8sat.src", "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.7-1.el8sat.noarch", "8Base-satellite-6.14:foreman-journald-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-openstack-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-redis-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-service-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:foreman-vmware-0:3.7.0.11-2.el8sat.noarch", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.src", "8Base-satellite-6.14:mosquitto-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debuginfo-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:mosquitto-debugsource-0:2.0.17-1.el8sat.x86_64", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.src", "8Base-satellite-6.14:puppet-agent-0:7.27.0-1.el8sat.x86_64", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.noarch", "8Base-satellite-6.14:puppetserver-0:7.14.0-1.el8sat.src", "8Base-satellite-6.14:python-pulp-container-0:2.14.11-1.el8pc.src", "8Base-satellite-6.14:python39-pulp-container-0:2.14.11-1.el8pc.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-foreman_bootdisk-0:21.2.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.src", "8Base-satellite-6.14:rubygem-google-protobuf-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debuginfo-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-google-protobuf-debugsource-0:3.24.3-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-grpc-0:1.58.0-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-kafo-0:7.2.0-1.el8sat.src", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-katello-0:4.9.0.21-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.src", "8Base-satellite-6.14:rubygem-puma-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debuginfo-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-puma-debugsource-0:6.3.1-1.el8sat.x86_64", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.noarch", "8Base-satellite-6.14:rubygem-sidekiq-0:6.5.12-1.el8sat.src", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-0:6.14.2-1.el8sat.src", "8Base-satellite-6.14:satellite-capsule-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-cli-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-common-0:6.14.2-1.el8sat.noarch", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.src", "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.1-1.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "rubygem-puma: HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers" } ] }
sca-2025-0006
Vulnerability from csaf_sick
Notes
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "SICK has identified a Denial of Service vulnerability (CVE-2025-32472) in picoScan and multiScan, which can cause the web page to become unresponsive. Due to their architectural design, these products are not affected by the other vulnerabilities listed in this advisory. Currently SICK is not aware of any public exploits specifically targeting the vulnerability. SICK recommends applying the mitigation for CVE-2025-32472.", "title": "summary" }, { "category": "general", "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.", "title": "General Security Measures" }, { "category": "general", "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.", "title": "Vulnerability Classification" } ], "publisher": { "category": "vendor", "contact_details": "psirt@sick.de", "issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).", "name": "SICK PSIRT", "namespace": "https://www.sick.com/psirt" }, "references": [ { "summary": "SICK PSIRT Security Advisories", "url": "https://sick.com/psirt" }, { "summary": "SICK Operating Guidelines", "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf" }, { "summary": "ICS-CERT recommended practices on Industrial Security", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "summary": "CVSS v3.1 Calculator", "url": "https://www.first.org/cvss/calculator/3.1" }, { "category": "self", "summary": "The canonical URL.", "url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0006.json" } ], "title": "Vulnerability affecting picoScan and multiScan", "tracking": { "current_release_date": "2025-04-28T13:00:00.000Z", "generator": { "date": "2025-04-28T06:38:33.857Z", "engine": { "name": "Secvisogram", "version": "2.5.24" } }, "id": "SCA-2025-0006", "initial_release_date": "2025-04-28T13:00:00.000Z", "revision_history": [ { "date": "2025-04-28T13:00:00.000Z", "number": "1", "summary": "Initial version" }, { "date": "2025-07-30T07:30:49.000Z", "number": "2", "summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SICK picoScan1XX all versions", "product_id": "CSAFPID-0001", "product_identification_helper": { "skus": [ "1134607", "1134608", "1134609", "1134610", "1141395", "1141396", "1141397", "1141751", "1142269", "1142270", "1142272", "1142273" ] } } } ], "category": "product_name", "name": "picoScan1XX" } ], "category": "product_family", "name": "picoScan100" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SICK multiScan1XX all versions", "product_id": "CSAFPID-0002", "product_identification_helper": { "skus": [ "1131164", "1137723", "1140110", "1140133", "1140134", "1141496", "1143873" ] } } } ], "category": "product_name", "name": "multiScan1XX" } ], "category": "product_family", "name": "multiScan100" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SICK picoScan1XX Firmware all versions", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "picoScan1XX Firmware" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SICK multiScan1XX Firmware all versions", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "multiScan1XX Firmware" } ], "category": "vendor", "name": "SICK AG" } ], "relationships": [ { "category": "installed_on", "full_product_name": { "name": "SICK picoScan1XX all Firmware versions", "product_id": "CSAFPID-0005" }, "product_reference": "CSAFPID-0003", "relates_to_product_reference": "CSAFPID-0001" }, { "category": "installed_on", "full_product_name": { "name": "SICK multiScan1XX all Firmware versions", "product_id": "CSAFPID-0006" }, "product_reference": "CSAFPID-0004", "relates_to_product_reference": "CSAFPID-0002" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-32472", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "audience": "all", "category": "summary", "text": "The multiScan and picoScan are vulnerable to a denial-of-service (DoS) attack. A remote attacker can exploit this vulnerability by conducting a Slowloris-type attack, causing the web page to become unresponsive.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "remediations": [ { "category": "workaround", "details": "Please make sure that only trusted entities have access to the device. Furthermore, you should apply the following General Security Measures when operating the product to mitigate the associated security risk. The collected resources \u201dSICK Operating Guidelines\u201d and \u201dICS-CERT recommended practices on Industrial Security\u201d could help to implement the general security practices. Additionally, the web server can be disabled via the CyberSecurity page in the UI.", "product_ids": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.3, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 5.3, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Denial-of-Service Vulnerability in multiScan and picoScan via Slowloris Attack" }, { "cve": "CVE-2024-38517", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "audience": "all", "category": "summary", "text": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.8, "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Tencent RapidJSON Vulnerable to Privilege Escalation via Integer Underflow in GenericReader::ParseNumber() Function" }, { "cve": "CVE-2024-39684", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "audience": "all", "category": "summary", "text": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber() function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.8, "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Tencent RapidJSON Vulnerable to Privilege Escalation via Integer Overflow in GenericReader::ParseNumber() Function" }, { "cve": "CVE-2022-46908", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "audience": "all", "category": "summary", "text": "SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.3, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 7.3, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "SQLite Vulnerable to Protection Mechanism Bypass via Improper Implementation of \u0027azProhibitedFunctions\u0027" }, { "cve": "CVE-2021-36690", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "audience": "all", "category": "summary", "text": "A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "SQLite Vulnerable to Denial-of-Service (DoS) via Segmentation Fault in \u0027idxGetTableInfo\u0027 Function" }, { "cve": "CVE-2022-35737", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "audience": "all", "category": "summary", "text": "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "SQLite Vulnerable to Memory Corruption via Stack-Based Buffer Overflow in \u0027sqlite3_str_vappendf()\u0027 Function Used by \u0027printf\u0027 Family API Implementations" }, { "cve": "CVE-2021-45346", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "audience": "all", "category": "summary", "text": "A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "environmentalScore": 4.3, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 4.3, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "SQLite Vulnerable to Information Disclosure via Maliciously Crafted Queries" }, { "cve": "CVE-2023-7104", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "audience": "all", "category": "summary", "text": "A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "environmentalScore": 7.3, "environmentalSeverity": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.3, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "SQLite Vulnerable to Out-of-Bounds Memory Access via Insufficient Input Validation in \u0027sessionReadRecord\u0027 Function of \u0027Sessions\u0027 Extension" }, { "cve": "CVE-2022-28805", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "audience": "all", "category": "summary", "text": "singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "environmentalScore": 9.1, "environmentalSeverity": "CRITICAL", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 9.1, "temporalSeverity": "CRITICAL", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) and Information Disclosure via Heap-Based Buffer Over-Read in \u0027luaH_getshortstr\u0027 Function" }, { "cve": "CVE-2020-24370", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "audience": "all", "category": "summary", "text": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.3, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 5.3, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Integer Overflow in \u0027ldebug.c\u0027 File" }, { "cve": "CVE-2021-43519", "cwe": { "id": "CWE-674", "name": "Uncontrolled Recursion" }, "notes": [ { "audience": "all", "category": "summary", "text": "Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.5, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 5.5, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack-Based Buffer Overflow in \u0027ldo.c\u0027" }, { "cve": "CVE-2020-24369", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "audience": "all", "category": "summary", "text": "ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack-Based Buffer Overflow in \u0027ldo.c\u0027" }, { "cve": "CVE-2020-24371", "cwe": { "id": "CWE-763", "name": "Release of Invalid Pointer or Reference" }, "notes": [ { "audience": "all", "category": "summary", "text": "lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.3, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 5.3, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Information Disclosure via Mishandled Interaction Between Barriers and Sweep Phase" }, { "cve": "CVE-2022-33099", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "audience": "all", "category": "summary", "text": "An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack Overflow in \u0027luaG_runerror\u0027 Function" }, { "cve": "CVE-2020-15945", "cwe": { "id": "CWE-229", "name": "Improper Handling of Values" }, "notes": [ { "audience": "all", "category": "summary", "text": "Lua 5.4.0 (fixed in 5.4.1) has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.5, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 5.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service via \u0027changedline\u0027 Function" }, { "cve": "CVE-2020-15888", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "audience": "all", "category": "summary", "text": "Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 8.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 8.8, "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Multiple Heap Related Memory Errors via Garbage Collection \u0027Stack Resizing\u0027" }, { "cve": "CVE-2020-24342", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "audience": "all", "category": "summary", "text": "Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.8, "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Lua Vulnerable to Denial-of-Service (DoS) via Stack Overflow in \u0027luaD_callnoyield\u0027 Function" }, { "cve": "CVE-2024-10525", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "audience": "all", "category": "summary", "text": "In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "environmentalScore": 9.8, "environmentalSeverity": "CRITICAL", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 9.8, "temporalSeverity": "CRITICAL", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Heap-Based-Buffer Overflow in Crafted SUBACK Packet in libmosquitto Component" }, { "cve": "CVE-2024-8376", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "audience": "all", "category": "summary", "text": "In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of \"CONNECT\", \"DISCONNECT\", \"SUBSCRIBE\", \"UNSUBSCRIBE\" and \"PUBLISH\" packets.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Specific Sequences in Packet Handling Component" }, { "cve": "CVE-2023-28366", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "audience": "all", "category": "summary", "text": "The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Memory Leak Triggered by Duplicate QoS 2 Messages" }, { "cve": "CVE-2023-3592", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "audience": "all", "category": "summary", "text": "In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.5, "environmentalSeverity": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 7.5, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Memory Leak in \u0027v5 CONNECT\u0027 Packets" }, { "cve": "CVE-2024-3935", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "audience": "all", "category": "summary", "text": "In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 6.5, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 6.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Eclipse Mosquitto Vulnerable to Memory Corruption via Double Free in Crafted PUBLISH Packet in Outgoing Bridge Connection" }, { "cve": "CVE-2023-0809", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "audience": "all", "category": "summary", "text": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.", "title": "Summary" } ], "product_status": { "known_not_affected": [ "CSAFPID-0005", "CSAFPID-0006" ] }, "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 5.3, "environmentalSeverity": "MEDIUM", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "temporalScore": 5.3, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-0005", "CSAFPID-0006" ] } ], "title": "Mosquitto Vulnerable to Denial-of-Service (DoS) via Excessive Memory Allocation" } ] }
ghsa-v9xr-r3xx-x9gc
Vulnerability from github
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
{ "affected": [], "aliases": [ "CVE-2023-0809" ], "database_specific": { "cwe_ids": [ "CWE-770", "CWE-789" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-10-02T19:15:09Z", "severity": "MODERATE" }, "details": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.", "id": "GHSA-v9xr-r3xx-x9gc", "modified": "2024-01-07T12:30:30Z", "published": "2023-10-02T21:30:17Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0809" }, { "type": "WEB", "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202401-09" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "type": "CVSS_V3" } ] }
wid-sec-w-2023-2724
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2724 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json" }, { "category": "self", "summary": "WID-SEC-2023-2724 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724" }, { "category": "external", "summary": "IBM Security Bulletin: 7056518 vom 2023-10-22", "url": "https://www.ibm.com/support/pages/node/7056518" }, { "category": "external", "summary": "IBM Security Bulletin: 7056456 vom 2023-10-22", "url": "https://www.ibm.com/support/pages/node/7056456" } ], "source_lang": "en-US", "title": "IBM Integration Bus: Mehrere Schwachstellen erm\u00f6glichen Denial of Service", "tracking": { "current_release_date": "2023-10-22T22:00:00.000+00:00", "generator": { "date": "2024-08-15T18:00:24.040+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-2724", "initial_release_date": "2023-10-22T22:00:00.000+00:00", "revision_history": [ { "date": "2023-10-22T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Integration Bus 10.1 - 10.1.0.1", "product": { "name": "IBM Integration Bus 10.1 - 10.1.0.1", "product_id": "T028402", "product_identification_helper": { "cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-3635", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-3635" }, { "cve": "CVE-2023-3592", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-3592" }, { "cve": "CVE-2023-28366", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-28366" }, { "cve": "CVE-2023-0809", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-0809" } ] }
WID-SEC-W-2023-2724
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Integration Bus ist eine \"lightweight\" ESB, welche die Integration von SOAP oder non-SOAP Datenquellen von verschiedenen Plattformen erm\u00f6glicht.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Integration Bus ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2724 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2724.json" }, { "category": "self", "summary": "WID-SEC-2023-2724 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2724" }, { "category": "external", "summary": "IBM Security Bulletin: 7056518 vom 2023-10-22", "url": "https://www.ibm.com/support/pages/node/7056518" }, { "category": "external", "summary": "IBM Security Bulletin: 7056456 vom 2023-10-22", "url": "https://www.ibm.com/support/pages/node/7056456" } ], "source_lang": "en-US", "title": "IBM Integration Bus: Mehrere Schwachstellen erm\u00f6glichen Denial of Service", "tracking": { "current_release_date": "2023-10-22T22:00:00.000+00:00", "generator": { "date": "2024-08-15T18:00:24.040+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-2724", "initial_release_date": "2023-10-22T22:00:00.000+00:00", "revision_history": [ { "date": "2023-10-22T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Integration Bus 10.1 - 10.1.0.1", "product": { "name": "IBM Integration Bus 10.1 - 10.1.0.1", "product_id": "T028402", "product_identification_helper": { "cpe": "cpe:/a:ibm:integration_bus:10.1_-_10.1.0.1" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-3635", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-3635" }, { "cve": "CVE-2023-3592", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-3592" }, { "cve": "CVE-2023-28366", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-28366" }, { "cve": "CVE-2023-0809", "notes": [ { "category": "description", "text": "In IBM Integration Bus existieren mehrere Schwachstellen. Diese bestehen in Komponenten von Drittanbietern und sind auf Speicherlecks sowie nicht abgefangene Excepetions zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T028402" ] }, "release_date": "2023-10-22T22:00:00.000+00:00", "title": "CVE-2023-0809" } ] }
CERTFR-2024-AVI-0297
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Cloud Native Router versions antérieures à 23.4
- cRPD versions antérieures à 23.4R1
- Paragon Active Assurance versions antérieures à 4.2.1
- Paragon Active Assurance versions antérieures à 4.3.0
- Junos OS gamme EX4300 versions antérieures à 20.4R3-S10, 21.2R3-S7 et 21.4R3-S6
- Junos OS gammes QFX5000 Series, EX4400 Series, EX4100 Series et EX4650 Series versions antérieures à 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1
- Junos OS gammes SRX Branch Series versions antérieures à 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2 et 23.2R1
- Junos OS gammes MX Series avec SPC3 et MS-MPC versions antérieures à 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1
- Junos OS gamme SRX 5000 Series avec SPC2 versions antérieures à 21.2R3-S7, 21.4, 22.1, 22.2, 22.3, 22.4 et 23.2
- Junos OS gammes MX Series versions antérieures à 20.4R3-S5, 21.1, 21.2R3-S1, 21.3, 21.4R3, 22.1R2, 22.2R2 et 22.3
- Junos OS gamme EX9200-15C versions antérieures à 21.2R3-S1, 21.4R3, 22.1R2 et 22.2R2
- Junos OS gammes SRX4600 versions antérieures à 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2 et 23.4R1
- Junos OS gammes ACX5448 et ACX710 versions antérieures à 20.4R3-S9, 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2 et 23.2R1
- Junos OS versions antérieures à 20.4R3-S9, 21.1R3, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R3-S2, 22.4R3 et 23.4R2
-
Junos OS Evolved versions antérieures à 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.3R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R2-EVO et 23.4R1-EVO
Vendor | Product | Description |
---|
Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [], "affected_systems_content": "\u003cul\u003e \u003cli\u003eCloud Native Router versions ant\u00e9rieures \u00e0 23.4\u003c/li\u003e \u003cli\u003ecRPD versions ant\u00e9rieures \u00e0 23.4R1\u003c/li\u003e \u003cli\u003eParagon Active Assurance versions ant\u00e9rieures \u00e0 4.2.1\u003c/li\u003e \u003cli\u003eParagon Active Assurance versions ant\u00e9rieures \u00e0 4.3.0\u003c/li\u003e \u003cli\u003eJunos OS gamme EX4300 versions ant\u00e9rieures \u00e0 20.4R3-S10, 21.2R3-S7 et 21.4R3-S6\u003c/li\u003e \u003cli\u003eJunos OS gammes QFX5000 Series, EX4400 Series, EX4100 Series et EX4650 Series versions ant\u00e9rieures \u00e0 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gammes SRX Branch Series versions ant\u00e9rieures \u00e0 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gammes MX Series avec SPC3 et MS-MPC versions ant\u00e9rieures \u00e0 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gamme SRX 5000 Series avec SPC2 versions ant\u00e9rieures \u00e0 21.2R3-S7, 21.4, 22.1, 22.2, 22.3, 22.4 et 23.2\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0MX Series versions ant\u00e9rieures \u00e0 20.4R3-S5, 21.1, 21.2R3-S1, 21.3, 21.4R3, 22.1R2, 22.2R2 et 22.3\u003c/li\u003e \u003cli\u003eJunos OS gamme EX9200-15C versions ant\u00e9rieures \u00e0 21.2R3-S1, 21.4R3, 22.1R2 et 22.2R2\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0SRX4600 versions ant\u00e9rieures \u00e0 21.2R3-S7,\u00a021.4R3-S6,\u00a022.1R3-S5,\u00a022.2R3-S3,\u00a022.3R3-S2,\u00a022.4R3,\u00a023.2R1-S2, 23.2R2 et 23.4R1\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0ACX5448 et ACX710 versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.1R3, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R3-S2, 22.4R3 et 23.4R2\u003c/li\u003e \u003cli\u003e \u003cdiv\u003e \u003cdiv\u003e \u003cp\u003eJunos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.3R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R2-EVO et 23.4R1-EVO\u003c/p\u003e \u003c/div\u003e \u003c/div\u003e \u003c/li\u003e \u003c/ul\u003e ", "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2023-0216", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216" }, { "name": "CVE-2023-40217", "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217" }, { "name": "CVE-2023-0401", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401" }, { "name": "CVE-2021-37600", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600" }, { "name": "CVE-2024-30381", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30381" }, { "name": "CVE-2023-46218", "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218" }, { "name": "CVE-2020-1747", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1747" }, { "name": "CVE-2024-30401", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30401" }, { "name": "CVE-2021-28831", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28831" }, { "name": "CVE-2024-30409", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30409" }, { "name": "CVE-2023-38546", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546" }, { "name": "CVE-2020-14343", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14343" }, { "name": "CVE-2022-4304", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304" }, { "name": "CVE-2022-48554", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48554" }, { "name": "CVE-2023-39975", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39975" }, { "name": "CVE-2024-30410", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30410" }, { "name": "CVE-2018-7738", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7738" }, { "name": "CVE-2022-48522", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522" }, { "name": "CVE-2020-8285", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285" }, { "name": "CVE-2021-28957", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28957" }, { "name": "CVE-2024-30380", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30380" }, { "name": "CVE-2023-41913", "url": "https://www.cve.org/CVERecord?id=CVE-2023-41913" }, { "name": "CVE-2024-30392", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30392" }, { "name": "CVE-2023-0215", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215" }, { "name": "CVE-2021-23240", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23240" }, { "name": "CVE-2023-0286", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286" }, { "name": "CVE-2011-1676", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1676" }, { "name": "CVE-2020-8037", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8037" }, { "name": "CVE-2023-4807", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807" }, { "name": "CVE-2020-19190", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19190" }, { "name": "CVE-2024-30391", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30391" }, { "name": "CVE-2020-8286", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286" }, { "name": "CVE-2023-2253", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253" }, { "name": "CVE-2023-44487", "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487" }, { "name": "CVE-2024-30389", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30389" }, { "name": "CVE-2023-29491", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491" }, { "name": "CVE-2023-3592", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592" }, { "name": "CVE-2020-19187", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19187" }, { "name": "CVE-2023-0466", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466" }, { "name": "CVE-2019-9923", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9923" }, { "name": "CVE-2021-39534", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39534" }, { "name": "CVE-2023-5981", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981" }, { "name": "CVE-2023-27043", "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043" }, { "name": "CVE-2023-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217" }, { "name": "CVE-2024-30398", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30398" }, { "name": "CVE-2021-22947", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947" }, { "name": "CVE-2018-1000120", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120" }, { "name": "CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "name": "CVE-2019-17041", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17041" }, { "name": "CVE-2020-19188", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19188" }, { "name": "CVE-2020-19186", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19186" }, { "name": "CVE-2021-22946", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946" }, { "name": "CVE-2020-25659", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25659" }, { "name": "CVE-2021-39531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39531" }, { "name": "CVE-2020-8284", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284" }, { "name": "CVE-2023-23915", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915" }, { "name": "CVE-2011-1675", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1675" }, { "name": "CVE-2023-28366", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366" }, { "name": "CVE-2024-30378", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30378" }, { "name": "CVE-2023-23931", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23931" }, { "name": "CVE-2021-34434", "url": "https://www.cve.org/CVERecord?id=CVE-2021-34434" }, { "name": "CVE-2016-10009", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10009" }, { "name": "CVE-2023-1428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-1428" }, { "name": "CVE-2023-3978", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978" }, { "name": "CVE-2024-30402", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30402" }, { "name": "CVE-2018-1000215", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000215" }, { "name": "CVE-2023-23914", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914" }, { "name": "CVE-2019-17042", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17042" }, { "name": "CVE-2024-30403", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30403" }, { "name": "CVE-2021-36159", "url": "https://www.cve.org/CVERecord?id=CVE-2021-36159" }, { "name": "CVE-2018-1000654", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000654" }, { "name": "CVE-2023-5156", "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156" }, { "name": "CVE-2022-2795", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2795" }, { "name": "CVE-2021-30139", "url": "https://www.cve.org/CVERecord?id=CVE-2021-30139" }, { "name": "CVE-2024-30384", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30384" }, { "name": "CVE-2023-2603", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603" }, { "name": "CVE-2024-30387", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30387" }, { "name": "CVE-2017-18018", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18018" }, { "name": "CVE-2024-30406", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30406" }, { "name": "CVE-2023-43804", "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804" }, { "name": "CVE-2022-4450", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450" }, { "name": "CVE-2023-32732", "url": "https://www.cve.org/CVERecord?id=CVE-2023-32732" }, { "name": "CVE-2024-30394", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30394" }, { "name": "CVE-2023-2650", "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650" }, { "name": "CVE-2022-3996", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996" }, { "name": "CVE-2024-30407", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30407" }, { "name": "CVE-2020-36242", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36242" }, { "name": "CVE-2023-4785", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785" }, { "name": "CVE-2020-22916", "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916" }, { "name": "CVE-2023-38408", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408" }, { "name": "CVE-2020-27350", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27350" }, { "name": "CVE-2023-36054", "url": "https://www.cve.org/CVERecord?id=CVE-2023-36054" }, { "name": "CVE-2021-39533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39533" }, { "name": "CVE-2024-30390", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30390" }, { "name": "CVE-2020-19185", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19185" }, { "name": "CVE-2023-0809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809" }, { "name": "CVE-2021-20193", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193" }, { "name": "CVE-2023-4806", "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806" }, { "name": "CVE-2016-2781", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781" }, { "name": "CVE-2020-19189", "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189" }, { "name": "CVE-2023-32731", "url": "https://www.cve.org/CVERecord?id=CVE-2023-32731" }, { "name": "CVE-2023-49083", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49083" }, { "name": "CVE-2024-30388", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30388" }, { "name": "CVE-2019-18276", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276" }, { "name": "CVE-2024-30386", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30386" }, { "name": "CVE-2021-33560", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560" }, { "name": "CVE-2011-1677", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1677" }, { "name": "CVE-2018-20225", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20225" }, { "name": "CVE-2020-28928", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28928" }, { "name": "CVE-2021-41039", "url": "https://www.cve.org/CVERecord?id=CVE-2021-41039" }, { "name": "CVE-2024-30382", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30382" }, { "name": "CVE-2018-20482", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20482" }, { "name": "CVE-2021-40528", "url": "https://www.cve.org/CVERecord?id=CVE-2021-40528" }, { "name": "CVE-2023-32681", "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681" }, { "name": "CVE-2023-3446", "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446" }, { "name": "CVE-2020-28493", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28493" }, { "name": "CVE-2020-27783", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27783" }, { "name": "CVE-2018-1000122", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122" }, { "name": "CVE-2011-1089", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1089" }, { "name": "CVE-2024-30405", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30405" }, { "name": "CVE-2024-30397", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30397" }, { "name": "CVE-2023-38545", "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545" }, { "name": "CVE-2024-30395", "url": "https://www.cve.org/CVERecord?id=CVE-2024-30395" } ], "initial_release_date": "2024-04-11T00:00:00", "last_revision_date": "2024-04-11T00:00:00", "links": [], "reference": "CERTFR-2024-AVI-0297", "revisions": [ { "description": "Version initiale", "revision_date": "2024-04-11T00:00:00.000000" } ], "risks": [ { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" }, { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" }, { "description": "Injection de code indirecte \u00e0 distance (XSS)" }, { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79102 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-libslax-Multiple-vulnerabilities-in-libslax-resolved?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79106 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Juniper-Cloud-Native-Router-Multiple-vulnerabilities-resolved-in-23-4-release?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79181 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-When-MAC-learning-happens-and-an-interface-gets-flapped-the-PFE-crashes-CVE-2024-30403?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79186 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-If-a-specific-CLI-command-is-issued-PFE-crashes-will-occur-CVE-2024-30384?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79089 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX-Series-Specific-malformed-LACP-packets-will-cause-flaps-CVE-2024-30388?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79173 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Paragon-Active-Assurance-probe-serviced-exposes-internal-objects-to-local-users-CVE-2024-30381?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79104 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-ACX-Series-with-Paragon-Active-Assurance-Test-Agent-A-local-high-privileged-attacker-can-recover-other-administrators-credentials-CVE-2024-30406?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79094 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-A-specific-EVPN-type-5-route-causes-rpd-crash-CVE-2024-30394?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79183 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-Connection-limits-is-not-being-enforced-while-the-resp-rate-limit-is-being-enforced-CVE-2024-30390?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79176 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX4600-Series-A-high-amount-of-specific-traffic-causes-packet-drops-and-an-eventual-PFE-crash-CVE-2024-30398?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79179 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-An-invalid-certificate-causes-a-Denial-of-Service-in-the-Internet-Key-Exchange-IKE-process-CVE-2024-30397?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79187 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-ACX5448-ACX710-Due-to-the-interface-flaps-the-PFE-process-can-crash-CVE-2024-30387?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79109 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-bbe-smgd-process-crash-upon-execution-of-specific-CLI-commands-CVE-2024-30378?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79171 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-l2cpd-crash-upon-receipt-of-a-specific-TLV-CVE-2024-30380?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79188 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-When-IPsec-authentication-is-configured-with-hmac-sha-384-and-hmac-sha-512-no-authentication-of-traffic-is-performed-CVE-2024-30391?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79099 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Higher-CPU-consumption-on-routing-engine-leads-to-Denial-of-Service-DoS-CVE-2024-30409?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79184 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-EVPN-VXLAN-scenario-state-changes-on-adjacent-systems-can-cause-an-l2ald-process-crash-CVE-2024-30386?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79110 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-15C-Stack-based-buffer-overflow-in-aftman-CVE-2024-30401?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79174 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-RPD-crash-when-CoS-based-forwarding-CBF-policy-is-configured-CVE-2024-30382?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79095 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-malformed-BGP-tunnel-encapsulation-attribute-will-lead-to-an-rpd-crash-CVE-2024-30395?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79100 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-Loopback-filter-not-blocking-traffic-despite-having-discard-term-CVE-2024-30410?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79107 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-cRPD-Multiple-vulnerabilities-resolved-in-23-4R1-release?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79092 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-MS-MPC-MIC-When-URL-filtering-is-enabled-and-a-specific-URL-request-is-received-a-flowd-crash-occurs-CVE-2024-30392?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79185 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-Firewall-filter-not-blocking-egress-traffic-CVE-2024-30389?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79108 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-cURL-vulnerabilities-resolved?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79091 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-Branch-Series-When-DNS-proxy-is-configured-and-specific-DNS-queries-are-received-resolver-s-performance-is-degraded-CVE-2022-2795?language=en_US" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79180 du 10 avril 2024", "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-l2ald-crashes-on-receiving-telemetry-messages-from-a-specific-subscription-CVE-2024-30402?language=en_US" } ] }
fkie_cve-2023-0809
Vulnerability from fkie_nvd
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
URL | Tags | ||
---|---|---|---|
emo@eclipse.org | https://mosquitto.org/blog/2023/08/version-2-0-16-released/ | Release Notes | |
emo@eclipse.org | https://security.gentoo.org/glsa/202401-09 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://mosquitto.org/blog/2023/08/version-2-0-16-released/ | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202401-09 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*", "matchCriteriaId": "C744F41F-1469-4455-8C1C-B06373070721", "versionEndExcluding": "2.0.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets." }, { "lang": "es", "value": "En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en funci\u00f3n de paquetes iniciales maliciosos que no son paquetes CONNECT." } ], "id": "CVE-2023-0809", "lastModified": "2024-11-21T07:37:52.583", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "emo@eclipse.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-10-02T19:15:09.717", "references": [ { "source": "emo@eclipse.org", "tags": [ "Release Notes" ], "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "source": "emo@eclipse.org", "url": "https://security.gentoo.org/glsa/202401-09" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://mosquitto.org/blog/2023/08/version-2-0-16-released/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-09" } ], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-789" } ], "source": "emo@eclipse.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-770" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.