Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2025-26791
Vulnerability from cvelistv5
Published
2025-02-14 00:00
Modified
2025-02-14 15:30
Severity ?
EPSS score ?
0.02%
(0.04779)
Summary
DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-26791", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-14T15:30:30.796687Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-14T15:30:49.790Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://ensy.zip/posts/dompurify-323-bypass/", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "DOMPurify", vendor: "Cure53", versions: [ { lessThan: "3.2.4", status: "affected", version: "0", versionType: "semver", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*", versionEndExcluding: "3.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).", }, ], metrics: [ { cvssV3_1: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-14T08:21:32.805Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, { url: "https://ensy.zip/posts/dompurify-323-bypass/", }, ], x_generator: { engine: "enrichogram 0.0.1", }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2025-26791", datePublished: "2025-02-14T00:00:00.000Z", dateReserved: "2025-02-14T00:00:00.000Z", dateUpdated: "2025-02-14T15:30:49.790Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2025-26791\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-02-14T09:15:08.067\",\"lastModified\":\"2025-02-14T16:15:37.350\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":4.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.4,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://ensy.zip/posts/dompurify-323-bypass/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/cure53/DOMPurify/releases/tag/3.2.4\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://nsysean.github.io/posts/dompurify-323-bypass/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://ensy.zip/posts/dompurify-323-bypass/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-26791\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-14T15:30:30.796687Z\"}}}], \"references\": [{\"url\": \"https://ensy.zip/posts/dompurify-323-bypass/\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-14T15:30:43.141Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 4.5, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N\"}}], \"affected\": [{\"vendor\": \"Cure53\", \"product\": \"DOMPurify\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.2.4\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/cure53/DOMPurify/releases/tag/3.2.4\"}, {\"url\": \"https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02\"}, {\"url\": \"https://nsysean.github.io/posts/dompurify-323-bypass/\"}, {\"url\": \"https://ensy.zip/posts/dompurify-323-bypass/\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:cure53:dompurify:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"3.2.4\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-02-14T08:21:32.805Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2025-26791\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-14T15:30:49.790Z\", \"dateReserved\": \"2025-02-14T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-02-14T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
fkie_cve-2025-26791
Vulnerability from fkie_nvd
Published
2025-02-14 09:15
Modified
2025-02-14 16:15
Severity ?
Summary
DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).", }, { lang: "es", value: "DOMPurify anterior a 3.2.4 tiene una expresión regular literal de plantilla incorrecta, lo que a veces provoca Cross Site Scripting (mXSS) de mutación.", }, ], id: "CVE-2025-26791", lastModified: "2025-02-14T16:15:37.350", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.4, impactScore: 2.7, source: "cve@mitre.org", type: "Secondary", }, ], }, published: "2025-02-14T09:15:08.067", references: [ { source: "cve@mitre.org", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { source: "cve@mitre.org", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { source: "cve@mitre.org", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { source: "cve@mitre.org", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, { source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "cve@mitre.org", type: "Secondary", }, ], }
rhsa-2025:2518
Vulnerability from csaf_redhat
Published
2025-03-10 14:46
Modified
2025-04-15 13:12
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.5
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-gateway: Mutation XSS in DOMPurify Due to Improper Template Literal Handling (CVE-2025-26791)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes included:
Automation Platform
* Fixed an issue that would prevent some types of resources from getting synced if there was a naming conflict (AAP-41241)
* Fixed an issue where login would fail for users who were members of a team or organization that had a naming conflict (AAP-41240)
* Fixed an issue in the user collection module where running with state: present would cause a stack trace (AAP-40887)
* Fixed an issue preventing the controller admin password to get set for the gateway admin account during upgrades (AAP-40839)
* Fixed an issue that caused updates to SAML authenticators to ignore an updated public certificate provided via UI or API and then fail with the message "The certificate and private key do not match" (AAP-40767)
* Allow services to request cloud.redhat.com settings from gateway using ServiceTokenAuth (AAP-39649)
* Fixed ServiceAuthToken destroy method to allow HTTP delete via ServiceAuth to work properly (AAP-37630)
* automation-gateway has been updated to 2.5.20250312
* python3.11-django-ansible-base has been updated to 2.5.20250312
Automation controller
* Fixed the indirect host counting name to not record the hostname, but from the query result instead (AAP-41033)
* Fixed OpaClient to initialize properly after timeouts and retries (AAP-40997)
* Added service account credentials for Analytics in controller (AAP-40769)
* Added a helper method in the API for fetching the service account token from sso.redhat.com (AAP-39637)
* automation-controller has been updated to 4.6.9
Event-Driven Ansible
* Fixed ansible-rulebook support for third party python libraries (AAP-41341)
* Modified the behavior of the ansible-rulebook and Event-Driven Ansible to help with issues when the activation correctly started was considered unresponsive and scheduled for restarting (AAP-41070)
* Added support for editing and copying of rulebook activations in the API (AAP-40254)
* Rulebook activations' log message field is separated into timestamps and message fields (AAP-39743)
* Fixed a bug where the activation was incorrectly restarted with the error message "Missing container for running activation" (AAP-39545)
* Event streams now connect to PostgreSQL by using the certificates configured at the installation (AAP-39294)
* User is now required to give a user defined name when copying a credential. The new credential name must be unique (AAP-39079)
* Enhanced error messages related to Decision Environments (AAP-38941)
* Decision environment urls are now validated against OCI specification to ensure successful authentication to the container registry when pulling the image (AAP-38822)
* ansible-rulebook has been updated to 1.1.3
* automation-eda-controller has been updated to 1.1.6
Receptor:
* Fixed an issue where receptor was creating too many inotify processes, and where the user would encounter a too many open files error (AAP-22605)
* receptor has been updated to 1.5.3
Container-based Ansible Automation Platform
* Corrected the URL in the postinstall code for automation hub to use the gateway proxy URL (AAP-41306)
* Deprecated the variables eda_main_url and hub_main_url in favor of the gateway proxy URL (AAP-41306)
* Receptor mesh connections are now created between all automation controller nodes (AAP-41102)
* Fixed receptor configuration related to the container group instances type (AAP-40431)
* Fixed behavior that would hide the errors during EDA status validation (AAP-40021)
* Ensure the polkit RPM package is installed in order to enable user lingering (AAP-39860)
* containerized installer setup has been updated to 2.5-11
RPM-based Ansible Automation Platform
* Fixed an issue where SELinux relabeling didn't happen when fcontext rules were changed (AAP-40489)
* Fixed an issue where the credentials for execution environments and decision environments hosted in automation hub were incorrectly configured (AAP-40419)
* Fixed an issue where projects failed to sync due to incorrectly configured credentials for ansible collections hosted in automation hub (AAP-40418)
* Managed CA will now correctly assign eligible groups during discovery during installation, backup and restore (AAP-40277)
* Implemented argument to collect sosreport using the setup script (AAP-40085)
* EDA Activation logging is now provided via the journald driver (AAP-39745)
* ansible-automation-platform-installer and installer setup have been updated to 2.5-9
Additional changes:
* ansible-creator has been updated to 25.0.0
* ansible-dev-environment has been updated to 25.1.0
* ansible-dev-tools has been updated to 25.2.0
* ansible-lint has been updated to 25.1.2
* ansible-navigator has been updated to 25.1.0
* automation-hub has been updated to 4.10.2
* molecule has been updated to 25.2.0
* python3.11-ansible-compat has been updated to 25.1.2
* python3.11-galaxy-importer has been updated to 0.4.28
* python3.11-galaxy-ng has been updated to 4.10.2
* python3.11-jsonschema-path has been updated to 0.3.4
* python3.11-podman has been updated to 5.2.0
* python3.11-pytest-ansible has been updated to 25.1.0
* python3.11-referencing has been updated to 0.36.2
* python3.11-tox-ansible has been updated to 25.1.0
* python3.11-typing-extensions has been updated to 4.9.0
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Ansible Automation Platform 2.5\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-gateway: Mutation XSS in DOMPurify Due to Improper Template Literal Handling (CVE-2025-26791)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes included:\n\nAutomation Platform\n* Fixed an issue that would prevent some types of resources from getting synced if there was a naming conflict (AAP-41241)\n* Fixed an issue where login would fail for users who were members of a team or organization that had a naming conflict (AAP-41240)\n* Fixed an issue in the user collection module where running with state: present would cause a stack trace (AAP-40887)\n* Fixed an issue preventing the controller admin password to get set for the gateway admin account during upgrades (AAP-40839)\n* Fixed an issue that caused updates to SAML authenticators to ignore an updated public certificate provided via UI or API and then fail with the message \"The certificate and private key do not match\" (AAP-40767)\n* Allow services to request cloud.redhat.com settings from gateway using ServiceTokenAuth (AAP-39649)\n* Fixed ServiceAuthToken destroy method to allow HTTP delete via ServiceAuth to work properly (AAP-37630)\n* automation-gateway has been updated to 2.5.20250312\n* python3.11-django-ansible-base has been updated to 2.5.20250312\n\nAutomation controller\n* Fixed the indirect host counting name to not record the hostname, but from the query result instead (AAP-41033)\n* Fixed OpaClient to initialize properly after timeouts and retries (AAP-40997)\n* Added service account credentials for Analytics in controller (AAP-40769)\n* Added a helper method in the API for fetching the service account token from sso.redhat.com (AAP-39637)\n* automation-controller has been updated to 4.6.9\n\nEvent-Driven Ansible\n* Fixed ansible-rulebook support for third party python libraries (AAP-41341)\n* Modified the behavior of the ansible-rulebook and Event-Driven Ansible to help with issues when the activation correctly started was considered unresponsive and scheduled for restarting (AAP-41070)\n* Added support for editing and copying of rulebook activations in the API (AAP-40254)\n* Rulebook activations' log message field is separated into timestamps and message fields (AAP-39743)\n* Fixed a bug where the activation was incorrectly restarted with the error message \"Missing container for running activation\" (AAP-39545)\n* Event streams now connect to PostgreSQL by using the certificates configured at the installation (AAP-39294)\n* User is now required to give a user defined name when copying a credential. The new credential name must be unique (AAP-39079)\n* Enhanced error messages related to Decision Environments (AAP-38941)\n* Decision environment urls are now validated against OCI specification to ensure successful authentication to the container registry when pulling the image (AAP-38822)\n* ansible-rulebook has been updated to 1.1.3\n* automation-eda-controller has been updated to 1.1.6\n\nReceptor:\n* Fixed an issue where receptor was creating too many inotify processes, and where the user would encounter a too many open files error (AAP-22605)\n* receptor has been updated to 1.5.3\n\nContainer-based Ansible Automation Platform\n* Corrected the URL in the postinstall code for automation hub to use the gateway proxy URL (AAP-41306)\n* Deprecated the variables eda_main_url and hub_main_url in favor of the gateway proxy URL (AAP-41306)\n* Receptor mesh connections are now created between all automation controller nodes (AAP-41102)\n* Fixed receptor configuration related to the container group instances type (AAP-40431)\n* Fixed behavior that would hide the errors during EDA status validation (AAP-40021)\n* Ensure the polkit RPM package is installed in order to enable user lingering (AAP-39860)\n* containerized installer setup has been updated to 2.5-11\n\nRPM-based Ansible Automation Platform\n* Fixed an issue where SELinux relabeling didn't happen when fcontext rules were changed (AAP-40489)\n* Fixed an issue where the credentials for execution environments and decision environments hosted in automation hub were incorrectly configured (AAP-40419)\n* Fixed an issue where projects failed to sync due to incorrectly configured credentials for ansible collections hosted in automation hub (AAP-40418)\n* Managed CA will now correctly assign eligible groups during discovery during installation, backup and restore (AAP-40277)\n* Implemented argument to collect sosreport using the setup script (AAP-40085)\n* EDA Activation logging is now provided via the journald driver (AAP-39745)\n* ansible-automation-platform-installer and installer setup have been updated to 2.5-9\n\nAdditional changes:\n* ansible-creator has been updated to 25.0.0\n* ansible-dev-environment has been updated to 25.1.0\n* ansible-dev-tools has been updated to 25.2.0\n* ansible-lint has been updated to 25.1.2\n* ansible-navigator has been updated to 25.1.0\n* automation-hub has been updated to 4.10.2\n* molecule has been updated to 25.2.0\n* python3.11-ansible-compat has been updated to 25.1.2\n* python3.11-galaxy-importer has been updated to 0.4.28\n* python3.11-galaxy-ng has been updated to 4.10.2\n* python3.11-jsonschema-path has been updated to 0.3.4\n* python3.11-podman has been updated to 5.2.0\n* python3.11-pytest-ansible has been updated to 25.1.0\n* python3.11-referencing has been updated to 0.36.2\n* python3.11-tox-ansible has been updated to 25.1.0\n* python3.11-typing-extensions has been updated to 4.9.0", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:2518", url: "https://access.redhat.com/errata/RHSA-2025:2518", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2518.json", }, ], title: "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update", tracking: { current_release_date: "2025-04-15T13:12:36+00:00", generator: { date: "2025-04-15T13:12:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:2518", initial_release_date: "2025-03-10T14:46:24+00:00", revision_history: [ { date: "2025-03-10T14:46:24+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-11T18:57:53+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-15T13:12:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:2.5::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:2.5::el9", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9", }, }, }, ], category: "product_family", name: "Red Hat Ansible Automation Platform", }, { branches: [ { category: "product_version", name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", product: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", product_id: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-ansible-compat@25.1.2-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src", product: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src", product_id: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-tox-ansible@25.1.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-creator-0:25.0.0-1.el8ap.src", product: { name: "ansible-creator-0:25.0.0-1.el8ap.src", product_id: "ansible-creator-0:25.0.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-creator@25.0.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", product: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", product_id: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pytest-ansible@25.1.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-lint-0:25.1.2-1.el8ap.src", product: { name: "ansible-lint-0:25.1.2-1.el8ap.src", product_id: "ansible-lint-0:25.1.2-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-lint@25.1.2-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "molecule-0:25.2.0-1.el8ap.src", product: { name: "molecule-0:25.2.0-1.el8ap.src", product_id: "molecule-0:25.2.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/molecule@25.2.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-referencing-0:0.36.2-1.el8ap.src", product: { name: "python3.11-referencing-0:0.36.2-1.el8ap.src", product_id: "python3.11-referencing-0:0.36.2-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-referencing@0.36.2-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-navigator-0:25.1.0-1.el8ap.src", product: { name: "ansible-navigator-0:25.1.0-1.el8ap.src", product_id: "ansible-navigator-0:25.1.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-navigator@25.1.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", product: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", product_id: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jsonschema-path@0.3.4-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-dev-tools-0:25.2.0-1.el8ap.src", product: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.src", product_id: "ansible-dev-tools-0:25.2.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools@25.2.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-dev-environment-0:25.1.0-1.el8ap.src", product: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.src", product_id: "ansible-dev-environment-0:25.1.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-environment@25.1.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", product: { name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", product_id: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-importer@0.4.28-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el8ap.src", product: { name: "receptor-0:1.5.3-2.el8ap.src", product_id: "receptor-0:1.5.3-2.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-hub-0:4.10.2-1.el8ap.src", product: { name: "automation-hub-0:4.10.2-1.el8ap.src", product_id: "automation-hub-0:4.10.2-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-hub@4.10.2-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-rulebook-0:1.1.3-1.el8ap.src", product: { name: "ansible-rulebook-0:1.1.3-1.el8ap.src", product_id: "ansible-rulebook-0:1.1.3-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-rulebook@1.1.3-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", product: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", product_id: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20250312-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.6-1.el8ap.src", product: { name: "automation-eda-controller-0:1.1.6-1.el8ap.src", product_id: "automation-eda-controller-0:1.1.6-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.6-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-gateway-0:2.5.20250312-1.el8ap.src", product: { name: "automation-gateway-0:2.5.20250312-1.el8ap.src", product_id: "automation-gateway-0:2.5.20250312-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway@2.5.20250312-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", product: { name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", product_id: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-ng@4.10.2-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el8ap.src", product: { name: "automation-controller-0:4.6.9-1.el8ap.src", product_id: "automation-controller-0:4.6.9-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-podman-3:5.2.0-1.el8ap.src", product: { name: "python3.11-podman-3:5.2.0-1.el8ap.src", product_id: "python3.11-podman-3:5.2.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-podman@5.2.0-1.el8ap?arch=src&epoch=3", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", product: { name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", product_id: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-9.2.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", product: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", product_id: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-typing-extensions@4.9.0-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", product: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", product_id: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-ansible-compat@25.1.2-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src", product: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src", product_id: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-tox-ansible@25.1.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-creator-0:25.0.0-1.el9ap.src", product: { name: "ansible-creator-0:25.0.0-1.el9ap.src", product_id: "ansible-creator-0:25.0.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-creator@25.0.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", product: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", product_id: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pytest-ansible@25.1.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-lint-0:25.1.2-1.el9ap.src", product: { name: "ansible-lint-0:25.1.2-1.el9ap.src", product_id: "ansible-lint-0:25.1.2-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-lint@25.1.2-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "molecule-0:25.2.0-1.el9ap.src", product: { name: "molecule-0:25.2.0-1.el9ap.src", product_id: "molecule-0:25.2.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/molecule@25.2.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-referencing-0:0.36.2-1.el9ap.src", product: { name: "python3.11-referencing-0:0.36.2-1.el9ap.src", product_id: "python3.11-referencing-0:0.36.2-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-referencing@0.36.2-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-navigator-0:25.1.0-1.el9ap.src", product: { name: "ansible-navigator-0:25.1.0-1.el9ap.src", product_id: "ansible-navigator-0:25.1.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-navigator@25.1.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", product: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", product_id: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jsonschema-path@0.3.4-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-dev-tools-0:25.2.0-1.el9ap.src", product: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.src", product_id: "ansible-dev-tools-0:25.2.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools@25.2.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-dev-environment-0:25.1.0-1.el9ap.src", product: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.src", product_id: "ansible-dev-environment-0:25.1.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-environment@25.1.0-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", product: { name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", product_id: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-importer@0.4.28-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el9ap.src", product: { name: "receptor-0:1.5.3-2.el9ap.src", product_id: "receptor-0:1.5.3-2.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", product: { name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", product_id: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-ng@4.10.2-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", product: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", product_id: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20250312-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.6-1.el9ap.src", product: { name: "automation-eda-controller-0:1.1.6-1.el9ap.src", product_id: "automation-eda-controller-0:1.1.6-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.6-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-hub-0:4.10.2-1.el9ap.src", product: { name: "automation-hub-0:4.10.2-1.el9ap.src", product_id: "automation-hub-0:4.10.2-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-hub@4.10.2-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-gateway-0:2.5.20250312-1.el9ap.src", product: { name: "automation-gateway-0:2.5.20250312-1.el9ap.src", product_id: "automation-gateway-0:2.5.20250312-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway@2.5.20250312-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-rulebook-0:1.1.3-1.el9ap.src", product: { name: "ansible-rulebook-0:1.1.3-1.el9ap.src", product_id: "ansible-rulebook-0:1.1.3-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-rulebook@1.1.3-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el9ap.src", product: { name: "automation-controller-0:4.6.9-1.el9ap.src", product_id: "automation-controller-0:4.6.9-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-podman-3:5.2.0-1.el9ap.src", product: { name: "python3.11-podman-3:5.2.0-1.el9ap.src", product_id: "python3.11-podman-3:5.2.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-podman@5.2.0-1.el9ap?arch=src&epoch=3", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", product: { name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", product_id: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-9.2.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", product: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", product_id: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-typing-extensions@4.9.0-1.el9ap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", product: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", product_id: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-ansible-compat@25.1.2-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", product: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", product_id: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-tox-ansible@25.1.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-creator-0:25.0.0-1.el8ap.noarch", product: { name: "ansible-creator-0:25.0.0-1.el8ap.noarch", product_id: "ansible-creator-0:25.0.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-creator@25.0.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", product: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", product_id: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pytest-ansible@25.1.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-lint-0:25.1.2-1.el8ap.noarch", product: { name: "ansible-lint-0:25.1.2-1.el8ap.noarch", product_id: "ansible-lint-0:25.1.2-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-lint@25.1.2-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "molecule-0:25.2.0-1.el8ap.noarch", product: { name: "molecule-0:25.2.0-1.el8ap.noarch", product_id: "molecule-0:25.2.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/molecule@25.2.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", product: { name: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", product_id: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-referencing@0.36.2-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-navigator-0:25.1.0-1.el8ap.noarch", product: { name: "ansible-navigator-0:25.1.0-1.el8ap.noarch", product_id: "ansible-navigator-0:25.1.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-navigator@25.1.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", product: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", product_id: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jsonschema-path@0.3.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", product: { name: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", product_id: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools%2Bserver@25.2.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch", product: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch", product_id: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools@25.2.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch", product: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch", product_id: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-environment@25.1.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", product: { name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", product_id: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-importer@0.4.28-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "receptorctl-0:1.5.3-2.el8ap.noarch", product: { name: "receptorctl-0:1.5.3-2.el8ap.noarch", product_id: "receptorctl-0:1.5.3-2.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/receptorctl@1.5.3-2.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-hub-0:4.10.2-1.el8ap.noarch", product: { name: "automation-hub-0:4.10.2-1.el8ap.noarch", product_id: "automation-hub-0:4.10.2-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-hub@4.10.2-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-rulebook-0:1.1.3-1.el8ap.noarch", product: { name: "ansible-rulebook-0:1.1.3-1.el8ap.noarch", product_id: "ansible-rulebook-0:1.1.3-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-rulebook@1.1.3-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bactivitystream@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bapi_documentation@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bauthentication@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bchannel_auth@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bfeature_flags@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bjwt_consumer@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Boauth2_provider@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Brbac@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bredis_client@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Brest_filters@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", product: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", product_id: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.6-1.el8ap.noarch", product: { name: "automation-eda-controller-0:1.1.6-1.el8ap.noarch", product_id: "automation-eda-controller-0:1.1.6-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.6-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", product: { name: "automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", product_id: "automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base@1.1.6-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", product: { name: "automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", product_id: "automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.6-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", product: { name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", product_id: "automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.6-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", product: { name: "automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", product_id: "automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.6-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-0:2.5.20250312-1.el8ap.noarch", product: { name: "automation-gateway-0:2.5.20250312-1.el8ap.noarch", product_id: "automation-gateway-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", product: { name: "automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", product_id: "automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway-config@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", product: { name: "automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", product_id: "automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway-server@2.5.20250312-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", product: { name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", product_id: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-ng@4.10.2-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-cli-0:4.6.9-1.el8ap.noarch", product: { name: "automation-controller-cli-0:4.6.9-1.el8ap.noarch", product_id: "automation-controller-cli-0:4.6.9-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-cli@4.6.9-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-server-0:4.6.9-1.el8ap.noarch", product: { name: "automation-controller-server-0:4.6.9-1.el8ap.noarch", product_id: "automation-controller-server-0:4.6.9-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-server@4.6.9-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-ui-0:4.6.9-1.el8ap.noarch", product: { name: "automation-controller-ui-0:4.6.9-1.el8ap.noarch", product_id: "automation-controller-ui-0:4.6.9-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-ui@4.6.9-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-podman-3:5.2.0-1.el8ap.noarch", product: { name: "python3.11-podman-3:5.2.0-1.el8ap.noarch", product_id: "python3.11-podman-3:5.2.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-podman@5.2.0-1.el8ap?arch=noarch&epoch=3", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", product: { name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", product_id: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-9.2.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", product: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", product_id: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-typing-extensions@4.9.0-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", product: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", product_id: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-ansible-compat@25.1.2-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", product: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", product_id: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-tox-ansible@25.1.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-creator-0:25.0.0-1.el9ap.noarch", product: { name: "ansible-creator-0:25.0.0-1.el9ap.noarch", product_id: "ansible-creator-0:25.0.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-creator@25.0.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", product: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", product_id: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pytest-ansible@25.1.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-lint-0:25.1.2-1.el9ap.noarch", product: { name: "ansible-lint-0:25.1.2-1.el9ap.noarch", product_id: "ansible-lint-0:25.1.2-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-lint@25.1.2-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "molecule-0:25.2.0-1.el9ap.noarch", product: { name: "molecule-0:25.2.0-1.el9ap.noarch", product_id: "molecule-0:25.2.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/molecule@25.2.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", product: { name: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", product_id: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-referencing@0.36.2-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-navigator-0:25.1.0-1.el9ap.noarch", product: { name: "ansible-navigator-0:25.1.0-1.el9ap.noarch", product_id: "ansible-navigator-0:25.1.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-navigator@25.1.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", product: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", product_id: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jsonschema-path@0.3.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", product: { name: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", product_id: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools%2Bserver@25.2.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch", product: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch", product_id: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-tools@25.2.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch", product: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch", product_id: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-dev-environment@25.1.0-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", product: { name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", product_id: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-importer@0.4.28-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "receptorctl-0:1.5.3-2.el9ap.noarch", product: { name: "receptorctl-0:1.5.3-2.el9ap.noarch", product_id: "receptorctl-0:1.5.3-2.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/receptorctl@1.5.3-2.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", product: { name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", product_id: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-galaxy-ng@4.10.2-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bactivitystream@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bapi_documentation@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bauthentication@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bchannel_auth@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bfeature_flags@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bjwt_consumer@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Boauth2_provider@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Brbac@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Bredis_client@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base%2Brest_filters@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", product: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", product_id: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.6-1.el9ap.noarch", product: { name: "automation-eda-controller-0:1.1.6-1.el9ap.noarch", product_id: "automation-eda-controller-0:1.1.6-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.6-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", product: { name: "automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", product_id: "automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base@1.1.6-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", product: { name: "automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", product_id: "automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.6-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", product: { name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", product_id: "automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.6-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", product: { name: "automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", product_id: "automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.6-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-hub-0:4.10.2-1.el9ap.noarch", product: { name: "automation-hub-0:4.10.2-1.el9ap.noarch", product_id: "automation-hub-0:4.10.2-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-hub@4.10.2-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-0:2.5.20250312-1.el9ap.noarch", product: { name: "automation-gateway-0:2.5.20250312-1.el9ap.noarch", product_id: "automation-gateway-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", product: { name: "automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", product_id: "automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway-config@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", product: { name: "automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", product_id: "automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-gateway-server@2.5.20250312-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-rulebook-0:1.1.3-1.el9ap.noarch", product: { name: "ansible-rulebook-0:1.1.3-1.el9ap.noarch", product_id: "ansible-rulebook-0:1.1.3-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-rulebook@1.1.3-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-cli-0:4.6.9-1.el9ap.noarch", product: { name: "automation-controller-cli-0:4.6.9-1.el9ap.noarch", product_id: "automation-controller-cli-0:4.6.9-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-cli@4.6.9-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-server-0:4.6.9-1.el9ap.noarch", product: { name: "automation-controller-server-0:4.6.9-1.el9ap.noarch", product_id: "automation-controller-server-0:4.6.9-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-server@4.6.9-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-ui-0:4.6.9-1.el9ap.noarch", product: { name: "automation-controller-ui-0:4.6.9-1.el9ap.noarch", product_id: "automation-controller-ui-0:4.6.9-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-ui@4.6.9-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-podman-3:5.2.0-1.el9ap.noarch", product: { name: "python3.11-podman-3:5.2.0-1.el9ap.noarch", product_id: "python3.11-podman-3:5.2.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-podman@5.2.0-1.el9ap?arch=noarch&epoch=3", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", product: { name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", product_id: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-9.2.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", product: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", product_id: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-typing-extensions@4.9.0-1.el9ap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "receptor-0:1.5.3-2.el8ap.x86_64", product: { name: "receptor-0:1.5.3-2.el8ap.x86_64", product_id: "receptor-0:1.5.3-2.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", product: { name: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", product_id: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", product: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", product_id: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el8ap.x86_64", product: { name: "automation-controller-0:4.6.9-1.el8ap.x86_64", product_id: "automation-controller-0:4.6.9-1.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", product_id: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el9ap.x86_64", product: { name: "receptor-0:1.5.3-2.el9ap.x86_64", product_id: "receptor-0:1.5.3-2.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", product: { name: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", product_id: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", product: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", product_id: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el9ap.x86_64", product: { name: "automation-controller-0:4.6.9-1.el9ap.x86_64", product_id: "automation-controller-0:4.6.9-1.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", product_id: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el9ap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "receptor-0:1.5.3-2.el8ap.ppc64le", product: { name: "receptor-0:1.5.3-2.el8ap.ppc64le", product_id: "receptor-0:1.5.3-2.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", product: { name: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", product_id: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", product: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", product_id: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el8ap.ppc64le", product: { name: "automation-controller-0:4.6.9-1.el8ap.ppc64le", product_id: "automation-controller-0:4.6.9-1.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", product_id: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el9ap.ppc64le", product: { name: "receptor-0:1.5.3-2.el9ap.ppc64le", product_id: "receptor-0:1.5.3-2.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", product: { name: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", product_id: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", product: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", product_id: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el9ap.ppc64le", product: { name: "automation-controller-0:4.6.9-1.el9ap.ppc64le", product_id: "automation-controller-0:4.6.9-1.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", product_id: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el9ap?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "receptor-0:1.5.3-2.el8ap.s390x", product: { name: "receptor-0:1.5.3-2.el8ap.s390x", product_id: "receptor-0:1.5.3-2.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", product: { name: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", product_id: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", product: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", product_id: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el8ap.s390x", product: { name: "automation-controller-0:4.6.9-1.el8ap.s390x", product_id: "automation-controller-0:4.6.9-1.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", product_id: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el9ap.s390x", product: { name: "receptor-0:1.5.3-2.el9ap.s390x", product_id: "receptor-0:1.5.3-2.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", product: { name: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", product_id: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", product: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", product_id: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el9ap.s390x", product: { name: "automation-controller-0:4.6.9-1.el9ap.s390x", product_id: "automation-controller-0:4.6.9-1.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", product_id: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el9ap?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "receptor-0:1.5.3-2.el8ap.aarch64", product: { name: "receptor-0:1.5.3-2.el8ap.aarch64", product_id: "receptor-0:1.5.3-2.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", product: { name: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", product_id: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", product: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", product_id: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el8ap.aarch64", product: { name: "automation-controller-0:4.6.9-1.el8ap.aarch64", product_id: "automation-controller-0:4.6.9-1.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", product_id: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "receptor-0:1.5.3-2.el9ap.aarch64", product: { name: "receptor-0:1.5.3-2.el9ap.aarch64", product_id: "receptor-0:1.5.3-2.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor@1.5.3-2.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", product: { name: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", product_id: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debugsource@1.5.3-2.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", product: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", product_id: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/receptor-debuginfo@1.5.3-2.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.9-1.el9ap.aarch64", product: { name: "automation-controller-0:4.6.9-1.el9ap.aarch64", product_id: "automation-controller-0:4.6.9-1.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.9-1.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", product: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", product_id: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.9-1.el9ap?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.noarch", }, product_reference: "ansible-creator-0:25.0.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.src", }, product_reference: "ansible-creator-0:25.0.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.src", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", }, product_reference: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.src", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.aarch64", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.ppc64le", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.s390x", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.src", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.x86_64", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-server-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.noarch", }, product_reference: "molecule-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.src", }, product_reference: "molecule-0:25.2.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.src", }, product_reference: "receptor-0:1.5.3-2.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el8ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.src", }, product_reference: "receptor-0:1.5.3-2.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el8ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", }, product_reference: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", }, product_reference: "ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.noarch", }, product_reference: "ansible-creator-0:25.0.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.src", }, product_reference: "ansible-creator-0:25.0.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.src", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", }, product_reference: "ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.src", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-rulebook-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.noarch", }, product_reference: "ansible-rulebook-0:1.1.3-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-rulebook-0:1.1.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.src", }, product_reference: "ansible-rulebook-0:1.1.3-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.aarch64", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.ppc64le", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.s390x", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.src", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.x86_64", }, product_reference: "automation-controller-0:4.6.9-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-server-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.9-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el8ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.9-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.6-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.noarch", }, product_reference: "automation-eda-controller-0:1.1.6-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.6-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.src", }, product_reference: "automation-eda-controller-0:1.1.6-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-0:1.1.6-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", }, product_reference: "automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", }, product_reference: "automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", }, product_reference: "automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", }, product_reference: "automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "automation-gateway-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-0:2.5.20250312-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.src", }, product_reference: "automation-gateway-0:2.5.20250312-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-config-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-server-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-hub-0:4.10.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.noarch", }, product_reference: "automation-hub-0:4.10.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-hub-0:4.10.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.src", }, product_reference: "automation-hub-0:4.10.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.noarch", }, product_reference: "molecule-0:25.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.src", }, product_reference: "molecule-0:25.2.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", }, product_reference: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", }, product_reference: "python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", }, product_reference: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", }, product_reference: "python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", }, product_reference: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", }, product_reference: "python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-podman-3:5.2.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.noarch", }, product_reference: "python3.11-podman-3:5.2.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-podman-3:5.2.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.src", }, product_reference: "python3.11-podman-3:5.2.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.src", }, product_reference: "receptor-0:1.5.3-2.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el8ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.noarch", }, product_reference: "ansible-creator-0:25.0.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.src", }, product_reference: "ansible-creator-0:25.0.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.src", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", }, product_reference: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.src", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.aarch64", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.ppc64le", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.s390x", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.src", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.x86_64", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-server-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.noarch", }, product_reference: "molecule-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.src", }, product_reference: "molecule-0:25.2.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.src", }, product_reference: "receptor-0:1.5.3-2.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el9ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.src", }, product_reference: "receptor-0:1.5.3-2.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el9ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", }, product_reference: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", }, product_reference: "ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.noarch", }, product_reference: "ansible-creator-0:25.0.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-creator-0:25.0.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.src", }, product_reference: "ansible-creator-0:25.0.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-environment-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.src", }, product_reference: "ansible-dev-environment-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", }, product_reference: "ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-dev-tools-0:25.2.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.src", }, product_reference: "ansible-dev-tools-0:25.2.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.noarch", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-lint-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.src", }, product_reference: "ansible-lint-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.noarch", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-navigator-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.src", }, product_reference: "ansible-navigator-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-rulebook-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.noarch", }, product_reference: "ansible-rulebook-0:1.1.3-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-rulebook-0:1.1.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.src", }, product_reference: "ansible-rulebook-0:1.1.3-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.aarch64", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.ppc64le", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.s390x", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.src", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.9-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.x86_64", }, product_reference: "automation-controller-0:4.6.9-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-server-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.9-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el9ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.9-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.6-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.noarch", }, product_reference: "automation-eda-controller-0:1.1.6-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.6-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.src", }, product_reference: "automation-eda-controller-0:1.1.6-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-0:1.1.6-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", }, product_reference: "automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", }, product_reference: "automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", }, product_reference: "automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", }, product_reference: "automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "automation-gateway-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-0:2.5.20250312-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.src", }, product_reference: "automation-gateway-0:2.5.20250312-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-config-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-gateway-server-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-hub-0:4.10.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.noarch", }, product_reference: "automation-hub-0:4.10.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-hub-0:4.10.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.src", }, product_reference: "automation-hub-0:4.10.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.noarch", }, product_reference: "molecule-0:25.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "molecule-0:25.2.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.src", }, product_reference: "molecule-0:25.2.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", }, product_reference: "python3.11-ansible-compat-0:25.1.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", }, product_reference: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", }, product_reference: "python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", }, product_reference: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", }, product_reference: "python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", }, product_reference: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", }, product_reference: "python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", }, product_reference: "python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-podman-3:5.2.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.noarch", }, product_reference: "python3.11-podman-3:5.2.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-podman-3:5.2.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.src", }, product_reference: "python3.11-podman-3:5.2.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", }, product_reference: "python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.noarch", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-referencing-0:0.36.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.src", }, product_reference: "python3.11-referencing-0:0.36.2-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", }, product_reference: "python3.11-tox-ansible-0:25.1.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", }, product_reference: "python3.11-typing-extensions-0:4.9.0-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.src", }, product_reference: "receptor-0:1.5.3-2.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.s390x", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", }, product_reference: "receptor-debugsource-0:1.5.3-2.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "receptorctl-0:1.5.3-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el9ap.noarch", }, product_reference: "receptorctl-0:1.5.3-2.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2025-02-14T09:00:45.578144+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el9ap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2345695", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", ], known_not_affected: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el9ap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "RHBZ#2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-26791", url: "https://www.cve.org/CVERecord?id=CVE-2025-26791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { category: "external", summary: "https://ensy.zip/posts/dompurify-323-bypass/", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { category: "external", summary: "https://nsysean.github.io/posts/dompurify-323-bypass/", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, ], release_date: "2025-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-10T14:46:24+00:00", details: "Red Hat Ansible Automation Platform", product_ids: [ "8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2518", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:receptorctl-0:1.5.3-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-9.2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-creator-0:25.0.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-environment-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools+server-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-dev-tools-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-lint-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-navigator-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.9-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.9-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.6-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.6-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-hub-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:molecule-0:25.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-ansible-compat-0:25.1.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+feature_flags-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20250312-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-importer-0:0.4.28-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-galaxy-ng-0:4.10.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jsonschema-path-0:0.3.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-podman-3:5.2.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pytest-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-referencing-0:0.36.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-tox-ansible-0:25.1.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-typing-extensions-0:4.9.0-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:receptor-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debuginfo-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:receptor-debugsource-0:1.5.3-2.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:receptorctl-0:1.5.3-2.el9ap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", }, ], }
rhsa-2025:1875
Vulnerability from csaf_redhat
Published
2025-02-26 14:58
Modified
2025-04-15 13:12
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.9
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.9
This update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* kiali-ossmc-container: Mutation XSS in DOMPurify Due to Improper Template Literal Handling (CVE-2025-26791)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Service Mesh Containers for 2.5.9\n\nThis update has a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* kiali-ossmc-container: Mutation XSS in DOMPurify Due to Improper Template Literal Handling (CVE-2025-26791)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:1875", url: "https://access.redhat.com/errata/RHSA-2025:1875", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "OSSM-8726", url: "https://issues.redhat.com/browse/OSSM-8726", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1875.json", }, ], title: "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.9", tracking: { current_release_date: "2025-04-15T13:12:26+00:00", generator: { date: "2025-04-15T13:12:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:1875", initial_release_date: "2025-02-26T14:58:54+00:00", revision_history: [ { date: "2025-02-26T14:58:54+00:00", number: "1", summary: "Initial version", }, { date: "2025-02-26T14:58:54+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-15T13:12:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHOSSM 2.5 for RHEL 8", product: { name: "RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:service_mesh:2.5::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Service Mesh", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.18-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.19-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407?arch=amd64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.9-2", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.18-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", product_id: "openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", product_id: "openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.19-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", product_id: "openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779?arch=arm64&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.9-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.18-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", product_id: "openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", product_id: "openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.19-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", product_id: "openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573?arch=s390x&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.9-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", product: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", product_id: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8&tag=1.73.18-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", product: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", product_id: "openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", product_identification_helper: { purl: "pkg:oci/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", product: { name: "openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", product_id: "openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", product_identification_helper: { purl: "pkg:oci/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", product: { name: "openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", product_id: "openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", product_identification_helper: { purl: "pkg:oci/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8&tag=1.73.19-1", }, }, }, { category: "product_version", name: "openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", product: { name: "openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", product_id: "openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", product_identification_helper: { purl: "pkg:oci/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", product: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", product_id: "openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", product_identification_helper: { purl: "pkg:oci/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8&tag=2.5.9-2", }, }, }, { category: "product_version", name: "openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", product: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", product_id: "openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", product_identification_helper: { purl: "pkg:oci/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022?arch=ppc64le&repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8&tag=2.5.9-2", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", }, product_reference: "openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", }, product_reference: "openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", }, product_reference: "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", }, product_reference: "openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", }, product_reference: "openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", }, product_reference: "openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64 as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", relates_to_product_reference: "8Base-RHOSSM-2.5", }, { category: "default_component_of", full_product_name: { name: "openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le as a component of RHOSSM 2.5 for RHEL 8", product_id: "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", }, product_reference: "openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", relates_to_product_reference: "8Base-RHOSSM-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2025-02-14T09:00:45.578144+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2345695", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", ], known_not_affected: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "RHBZ#2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-26791", url: "https://www.cve.org/CVERecord?id=CVE-2025-26791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { category: "external", summary: "https://ensy.zip/posts/dompurify-323-bypass/", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { category: "external", summary: "https://nsysean.github.io/posts/dompurify-323-bypass/", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, ], release_date: "2025-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-02-26T14:58:54+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:1875", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4805de50a94f6207450feec5f25f253ac91a09f09fba84fa43616fa2eb921ec6_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:5b8df6bd69832e895d3f7b05b2faa9998e9e3651d29b4c96eb95902b486ca26f_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b3e692cdc02409eeabacf5800eaebbb7d2b2c9a4ee4a14456a2eed31304c128f_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:e4771c75fd1f1799c3d0db9cb871db9ab3f9a8e72266a163c3358f0a15173eb3_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:62275276d32979b98011b51affcc0d21f369baf9c028c37e4bcce7edbd8b9b67_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e469182998be2a18bf496d6b8514e42c0d6bdc2165c9fd6ce5ec6fa4067069b_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:9a8181c420067946be976f02099be2d659b46b45e56df8a3086f4eefebfd12b2_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e50212f1db1585a01a869d531c8e49a8179273eb5b64e75620875bf556947444_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:28275c4c916a70999a7f6d56102f5e0d6d5a3785aeb2459fd576c6711151f8d6_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:6ef113bb415294738339637216f4b8e8897a0022b5a120740c4b702cfbeecdb8_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:782260b4d4aa670c6ad283dde50c542766780d3bf82a087b0403203f9e97bca7_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d5f3ed856b5518dd838382e916efa19b3208dd947d72c5d496e31bdba74c6d9c_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:20a229f84297303c13f142499febb92d3d1a41f58386b8a3d508ef36abb28e90_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:382fcb486b8857cc1156f659671d61ac4cf5b80066ea03556c4a56e00af106de_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:530de464de0fa8af6dc2bec43933a8c1e68bf39cc91922d6b58dfccbb11696ae_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:a8e79324bc8fe14670f930a9b82dcfd7e422591e4eb917f6b0af9de61ed7372a_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:6897d1e8f1fd54ec7ba85c48332ae9ad43084bdf67f55629cbf38113e14efa4a_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c35165452493f4dec7ea01295fe92e38e066d1c6ffa8767002844d478fd2226d_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c821e534df72e6d26d5d57f25aadc815b55e8c771bf21714baa84967af805e62_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:d7027efeaba323064dc0c3df6463685c6de50fe156b8794f7b98ffac12b0cfcd_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:0710c721d6099ee39415aac1e11a58bbed768fba8999114b64640a98f133def9_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99a8c00bddf565bca5a72cfd488711c67a7e60cbfcf7514e665db02aa9758ba0_ppc64le", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c97a1d7702ea5446a3856636ec8b69890d6f584a5e723a98ff3fe3f57bb0f511_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cd9ed511d0987d924f855322405342c376246a20bfbeaab5e66bb7c3a81edeb1_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1c52d4c4d2a4a8e0a985357de883f4ca56e28356bfa18584c8dc52e253af1779_arm64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:91d314da0e24a6dde0dbbdc1b302e63209bf24947579babb2e1fdbbe8f700573_s390x", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:c913a84ab9deebc10eef089ab3c17ffbb64489e01af729471722cffb755f6407_amd64", "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:ea20bf391ab3fea744314338fd20f91dfbf668f55c8f6c9032272d57be730022_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", }, ], }
rhsa-2025:3397
Vulnerability from csaf_redhat
Published
2025-03-31 08:04
Modified
2025-04-23 07:14
Summary
Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI
Notes
Topic
Updated images are now available for Red Hat OpenShift AI.
Details
Release of RHOAI 2.16.0 provides these changes:
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat OpenShift AI.", title: "Topic", }, { category: "general", text: "Release of RHOAI 2.16.0 provides these changes:", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3397", url: "https://access.redhat.com/errata/RHSA-2025:3397", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", url: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3397.json", }, ], title: "Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI", tracking: { current_release_date: "2025-04-23T07:14:36+00:00", generator: { date: "2025-04-23T07:14:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3397", initial_release_date: "2025-03-31T08:04:43+00:00", revision_history: [ { date: "2025-03-31T08:04:43+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-31T08:04:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-23T07:14:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift AI 2.16", product: { name: "Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_ai:2.16::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift AI", }, { branches: [ { category: "product_version", name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", product: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", product_id: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", product_identification_helper: { purl: "pkg:oci/odh-codeflare-operator-rhel8@sha256%3A04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743007500", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product_id: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product_identification_helper: { purl: "pkg:oci/odh-dashboard-rhel8@sha256%3A13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1741963152", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Aee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851855", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3Ad7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851855", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3Aa0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487380", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product_id: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product_identification_helper: { purl: "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3A2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487225", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", product: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", product_id: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", product_identification_helper: { purl: "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743007122", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", product: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", product_id: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", product_identification_helper: { purl: "pkg:oci/odh-kueue-controller-rhel8@sha256%3A7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743007660", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3A23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743008335", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3Aefd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743008335", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3A27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743008335", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743008335", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743008335", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product_id: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product_identification_helper: { purl: "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487039", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product_id: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product_identification_helper: { purl: "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Af738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1741882429", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product_id: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-controller-rhel8@sha256%3A6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742480582", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742488678", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-rhel8@sha256%3Ade5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742489233", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3A4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742488070", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3A11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487789", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-rhel8@sha256%3Ac499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742490565", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product_id: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product_identification_helper: { purl: "pkg:oci/odh-notebook-controller-rhel8@sha256%3A4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487225", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", product: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", product_id: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", product_identification_helper: { purl: "pkg:oci/odh-operator-bundle@sha256%3Ac249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743106241", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", product: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", product_id: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", product_identification_helper: { purl: "pkg:oci/odh-rhel8-operator@sha256%3A3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1743105405", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product_id: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product_identification_helper: { purl: "pkg:oci/odh-training-operator-rhel8@sha256%3Ac8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742896493", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3Af37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742982653", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-rhel8@sha256%3A633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487757", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, ], }, vulnerabilities: [ { cve: "CVE-2024-21538", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-11-08T13:44:29.182678+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324550", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.", title: "Vulnerability description", }, { category: "summary", text: "cross-spawn: regular expression denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-21538", }, { category: "external", summary: "RHBZ#2324550", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324550", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-21538", url: "https://www.cve.org/CVERecord?id=CVE-2024-21538", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", url: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", url: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/pull/160", url: "https://github.com/moxystudio/node-cross-spawn/pull/160", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", url: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", }, ], release_date: "2024-11-08T05:00:04.695000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cross-spawn: regular expression denial of service", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45338", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-12-18T21:00:59.938173+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333122", }, ], notes: [ { category: "description", text: "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45338", }, { category: "external", summary: "RHBZ#2333122", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333122", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45338", url: "https://www.cve.org/CVERecord?id=CVE-2024-45338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", }, { category: "external", summary: "https://go.dev/cl/637536", url: "https://go.dev/cl/637536", }, { category: "external", summary: "https://go.dev/issue/70906", url: "https://go.dev/issue/70906", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", url: "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3333", url: "https://pkg.go.dev/vuln/GO-2024-3333", }, ], release_date: "2024-12-18T20:38:22.660000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", }, { cve: "CVE-2024-45339", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, discovery_date: "2025-01-28T02:00:48.029971+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2342463", }, ], notes: [ { category: "description", text: "A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.", title: "Vulnerability description", }, { category: "summary", text: "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45339", }, { category: "external", summary: "RHBZ#2342463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2342463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45339", url: "https://www.cve.org/CVERecord?id=CVE-2024-45339", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45339", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45339", }, { category: "external", summary: "https://github.com/golang/glog/pull/74", url: "https://github.com/golang/glog/pull/74", }, { category: "external", summary: "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2", url: "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs", url: "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs", }, { category: "external", summary: "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File", url: "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3372", url: "https://pkg.go.dev/vuln/GO-2025-3372", }, ], release_date: "2025-01-28T01:03:24.105000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog", }, { cve: "CVE-2024-52798", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-12-05T23:00:59.020167+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2330689", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability exists because of an incomplete fix for CVE-2024-45296.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-52798", }, { category: "external", summary: "RHBZ#2330689", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330689", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-52798", url: "https://www.cve.org/CVERecord?id=CVE-2024-52798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", url: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", }, ], release_date: "2024-12-05T22:45:42.774000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, { category: "workaround", details: "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", }, { cve: "CVE-2024-55565", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-12-09T02:00:45.255738+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2331063", }, ], notes: [ { category: "description", text: "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.", title: "Vulnerability description", }, { category: "summary", text: "nanoid: nanoid mishandles non-integer values", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-55565", }, { category: "external", summary: "RHBZ#2331063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2331063", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-55565", url: "https://www.cve.org/CVERecord?id=CVE-2024-55565", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", }, { category: "external", summary: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", url: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", }, { category: "external", summary: "https://github.com/ai/nanoid/pull/510", url: "https://github.com/ai/nanoid/pull/510", }, { category: "external", summary: "https://github.com/ai/nanoid/releases/tag/5.0.9", url: "https://github.com/ai/nanoid/releases/tag/5.0.9", }, ], release_date: "2024-12-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nanoid: nanoid mishandles non-integer values", }, { cve: "CVE-2024-56171", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2025-02-18T23:01:25.366636+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2346416", }, ], notes: [ { category: "description", text: "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use-After-Free in libxml2", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56171", }, { category: "external", summary: "RHBZ#2346416", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56171", url: "https://www.cve.org/CVERecord?id=CVE-2024-56171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", }, ], release_date: "2025-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use-After-Free in libxml2", }, { cve: "CVE-2024-56201", cwe: { id: "CWE-150", name: "Improper Neutralization of Escape, Meta, or Control Sequences", }, discovery_date: "2024-12-23T16:00:38.768252+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333854", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through malicious filenames", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56201", }, { category: "external", summary: "RHBZ#2333854", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333854", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56201", url: "https://www.cve.org/CVERecord?id=CVE-2024-56201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", url: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", }, { category: "external", summary: "https://github.com/pallets/jinja/issues/1792", url: "https://github.com/pallets/jinja/issues/1792", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", url: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", }, ], release_date: "2024-12-23T15:37:36.110000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, { category: "workaround", details: "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jinja2: Jinja has a sandbox breakout through malicious filenames", }, { cve: "CVE-2025-22150", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, discovery_date: "2025-01-21T18:01:24.182126+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2339176", }, ], notes: [ { category: "description", text: "A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.", title: "Vulnerability description", }, { category: "summary", text: "undici: Undici Uses Insufficiently Random Values", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22150", }, { category: "external", summary: "RHBZ#2339176", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2339176", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22150", url: "https://www.cve.org/CVERecord?id=CVE-2025-22150", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22150", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22150", }, { category: "external", summary: "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f", url: "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f", }, { category: "external", summary: "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113", url: "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0", url: "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a", url: "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385", url: "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385", }, { category: "external", summary: "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975", url: "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975", }, { category: "external", summary: "https://hackerone.com/reports/2913312", url: "https://hackerone.com/reports/2913312", }, ], release_date: "2025-01-21T17:46:58.872000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "undici: Undici Uses Insufficiently Random Values", }, { cve: "CVE-2025-24928", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2025-02-18T23:01:36.502916+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2346421", }, ], notes: [ { category: "description", text: "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24928", }, { category: "external", summary: "RHBZ#2346421", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24928", url: "https://www.cve.org/CVERecord?id=CVE-2025-24928", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", }, { category: "external", summary: "https://issues.oss-fuzz.com/issues/392687022", url: "https://issues.oss-fuzz.com/issues/392687022", }, ], release_date: "2025-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", }, { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2025-02-14T09:00:45.578144+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2345695", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "RHBZ#2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-26791", url: "https://www.cve.org/CVERecord?id=CVE-2025-26791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { category: "external", summary: "https://ensy.zip/posts/dompurify-323-bypass/", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { category: "external", summary: "https://nsysean.github.io/posts/dompurify-323-bypass/", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, ], release_date: "2025-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-31T08:04:43+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3397", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:04f305c44413ae7dcb7017e53570ee49a509701792c5f50efadd64f47395730b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:23d307a36b69e0df04f72a7d3b35e28d8417a8bbe23dba31e8e977569785c078_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:5192f1dbd2a9ab92ae390c4ae506efbed0970545b6122e95b014728ac937e777_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:4a212ec634225c14beac09be24ddf336e562f2aa9a13555fb1196f366ddae23c_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:c249b0fb2c573efc118557d9dd1551181d7b2dabcf8a9b86d9441059124d3802_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:3463aaa8f2a06e8b43cd6a39ff86aea7c76926d72ee0f53cf0e514399e4aed33_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:f37e4048f3a152798286793f3abfc6ed814453fcbe2667255a7e78eee483c5a3_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", }, ], }
rhsa-2025:3886
Vulnerability from csaf_redhat
Published
2025-04-15 07:52
Modified
2025-04-18 01:28
Summary
Red Hat Security Advisory: RHOAI 2.19.0 - Red Hat OpenShift AI
Notes
Topic
Updated images are now available for Red Hat OpenShift AI.
Details
Release of RHOAI 2.19.0 provides these changes:
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat OpenShift AI.", title: "Topic", }, { category: "general", text: "Release of RHOAI 2.19.0 provides these changes:", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3886", url: "https://access.redhat.com/errata/RHSA-2025:3886", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2025-22868", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2025-26791", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/", url: "https://access.redhat.com/security/updates/classification/", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", url: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3886.json", }, ], title: "Red Hat Security Advisory: RHOAI 2.19.0 - Red Hat OpenShift AI", tracking: { current_release_date: "2025-04-18T01:28:13+00:00", generator: { date: "2025-04-18T01:28:13+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3886", initial_release_date: "2025-04-15T07:52:02+00:00", revision_history: [ { date: "2025-04-15T07:52:02+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-15T07:52:02+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-18T01:28:13+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift AI 2.19", product: { name: "Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_ai:2.19::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift AI", }, { branches: [ { category: "product_version", name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", product: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", product_id: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", product_identification_helper: { purl: "pkg:oci/odh-codeflare-operator-rhel8@sha256%3Aed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776794", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", product: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", product_id: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", product_identification_helper: { purl: "pkg:oci/odh-dashboard-rhel8@sha256%3A2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743595568", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3A58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743466887", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3A2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743466660", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3A7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743467273", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", product: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", product_id: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", product_identification_helper: { purl: "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3A57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743469240", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", product: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", product_id: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", product_identification_helper: { purl: "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776904", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", product: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", product_id: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", product_identification_helper: { purl: "pkg:oci/odh-kueue-controller-rhel8@sha256%3A306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743812659", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Ada649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776821", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776821", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3A31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776821", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776821", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-runtime-generic-rhel8@sha256%3A5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743794143", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776821", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", product: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", product_id: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", product_identification_helper: { purl: "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743469082", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", product: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", product_id: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", product_identification_helper: { purl: "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Af0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743467374", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", product_id: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-controller-rhel8@sha256%3Ac013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776979", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-operator-rhel8@sha256%3Afe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776946", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-rhel8@sha256%3Ab13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776956", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3A12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776970", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3Af3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743467008", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-rhel8@sha256%3A43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743466438", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", product: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", product_id: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", product_identification_helper: { purl: "pkg:oci/odh-notebook-controller-rhel8@sha256%3Aefa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743469240", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", product: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", product_id: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", product_identification_helper: { purl: "pkg:oci/odh-operator-bundle@sha256%3A9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1744113118", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", product: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", product_id: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", product_identification_helper: { purl: "pkg:oci/odh-rhel8-operator@sha256%3A88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1744109564", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", product: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", product_id: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", product_identification_helper: { purl: "pkg:oci/odh-training-operator-rhel8@sha256%3Acb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776990", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1744030268", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-rhel8@sha256%3A3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743597072", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", product: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", product_id: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", product_identification_helper: { purl: "pkg:oci/odh-dashboard-rhel8@sha256%3A271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40?arch=ppc64le&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743595568", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", product: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", product_id: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", product_identification_helper: { purl: "pkg:oci/odh-model-controller-rhel8@sha256%3A0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03?arch=ppc64le&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776979", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", product: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", product_id: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", product_identification_helper: { purl: "pkg:oci/odh-rhel8-operator@sha256%3Ad7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2?arch=ppc64le&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1744109564", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", product: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", product_id: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", product_identification_helper: { purl: "pkg:oci/odh-dashboard-rhel8@sha256%3A5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e?arch=s390x&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743595568", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", product: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", product_id: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", product_identification_helper: { purl: "pkg:oci/odh-model-controller-rhel8@sha256%3A523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922?arch=s390x&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1743776979", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", product: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", product_id: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", product_identification_helper: { purl: "pkg:oci/odh-rhel8-operator@sha256%3A65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc?arch=s390x&repository_url=registry.redhat.io/rhoai&tag=v2.19.0-1744109564", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", }, product_reference: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", }, product_reference: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", }, product_reference: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", }, product_reference: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", }, product_reference: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", }, product_reference: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64 as a component of Red Hat OpenShift AI 2.19", product_id: "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.19", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-15T07:52:02+00:00", details: "For Red Hat OpenShift AI 2.19.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3886", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2025-02-14T09:00:45.578144+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2345695", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", ], known_not_affected: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "RHBZ#2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-26791", url: "https://www.cve.org/CVERecord?id=CVE-2025-26791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { category: "external", summary: "https://ensy.zip/posts/dompurify-323-bypass/", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { category: "external", summary: "https://nsysean.github.io/posts/dompurify-323-bypass/", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, ], release_date: "2025-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-15T07:52:02+00:00", details: "For Red Hat OpenShift AI 2.19.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3886", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:ed1221a6e826166806ec6e18e42e098cb97767471059527c7fc6f47b8d6fb58a_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:271879affee3a08fc827f6c0e8fb4c06eab240a7f0d78dd2ceeef20c81a5ae40_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:2f89b93b906739da7ad1c00e4ede3617e779fe6c02a10e566ea2bb742a713003_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:5c731221878716866bfeaa1f85a7ed5323592b23d3751e489794d0087ad16a0e_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:58ad80b2ec191778631287f5f10608db1623e8ba82d220860d81df246083de11_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:2760fe9bd0846bdad2d6586254e6e0ada18c03ac02ffc5313ead7d187f66a9a2_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:7bfbec509400d0642d39ca59f4389e4daed9ea1fb39fbb549eb182edc10929ac_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:57b6c232523d4ab6faafab37c4ecdad4683e27c82719223499032f42c1a24ee1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:823f3fe491aa906352805f71d57fc446e11327f5a6f5fca42cce044ddc41c308_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:306fa16ce1899be0dfeaba34e225c958592135ec4dde3c44e7f920fbed11937e_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:da649491f5112763d9f563d64ca3455ed5e4309b15adab0886ae16e0bb367b0c_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:74e233642eb1b544ab9c3b260251bba8c11dd9015563110921940e9e5976bdd5_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:31412062bc02196bca820b65fa2492bdac6ffc8b5d1add729806144ef2aca919_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:4e0c858d68f925a307ee53498aa6019563254c5b27f5d7635debc0195db2c5bd_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel8@sha256:5040cf36b6261d20826df3ca408d11a186db7840560a667a24c68d78cadb9e35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:99ca5a981184f0dd3f94105172b20494328c5c7a762fb027905e108710b7b5d4_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:56c432c302bec0a7b810e037da5c649da39a5180a4fabf2fb3d0a2ac2e53ecd3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f0167ad11880010c6247dce02e4d1b2ec969222976c5b12612ee10bbf3fb4d18_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:0aefcdfbf2a3979576f5ddbfd1a0dac0be972b9b501d93ef7cd4a38491e2fa03_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:523cff7ef18c252777e211f5b1f4749110c081c1414a3df4fe9de5b4832c3922_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:c013d3d264d3ef15e21ab2a3d5a08ddd725e54d8474f2d8b7e400d4d9e76ff44_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:fe5905f3206cfe7600682337e29c15bc6dd7285575fd9b3815b697bbdefa3de1_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:b13d5304310c839720b99cd984a69482f5968663d3124feaaf1c2db0b2715cd6_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:43d98c254ad76c2eefc48a56e84e4083281c72e8b9ae38e49dfb6d5751bdb895_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:12d75776a60c119d938dec28625f574f5d55a2616c49bb8773e5b87ba3141280_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:f3d8cc96fd3415efed5b5d69b7db622adc32cd9bd74ff14634d02218f1572815_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:efa0c07e1cd20fdce0998aab507b8943e5eacbb464bc969bf1c7e9785a474eca_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9668d85dd7a401d0fb9c4b55f92385b9626fc07f46de2bf900994774b06bda35_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:65bbc1f8225e1ddbf26a08003b10e4f93f1dc00f1ae2e23b20fc97b30eb288dc_s390x", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:88728b06c7da4b135eaa5e35d2f55411cef748bd6af69647fcb0b3cedffdabdf_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:d7a6b499d67f1ae0e0e52b26e0a9b3affc41c5362f8904527ca8611d588d27f2_ppc64le", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:cb92b95042cb633e2b3d031fbb4d80ed30212228038c80dddcc38c74d8f01cc3_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:1067eb5fc23943c6c508af77af19b823486ffadffbf5ce363107c1fb19a99dde_amd64", "Red Hat OpenShift AI 2.19:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:3c6efcf160541e11cc71881edb6a0d88add89464b04d8b8e9c9954b1d2685888_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", }, ], }
rhsa-2025:3368
Vulnerability from csaf_redhat
Published
2025-03-27 17:45
Modified
2025-04-23 07:14
Summary
Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI
Notes
Topic
Updated images are now available for Red Hat OpenShift AI.
Details
Release of RHOAI 2.16.0 provides these changes:
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat OpenShift AI.", title: "Topic", }, { category: "general", text: "Release of RHOAI 2.16.0 provides these changes:", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3368", url: "https://access.redhat.com/errata/RHSA-2025:3368", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", url: "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3368.json", }, ], title: "Red Hat Security Advisory: RHOAI 2.16.0 - Red Hat OpenShift AI", tracking: { current_release_date: "2025-04-23T07:14:26+00:00", generator: { date: "2025-04-23T07:14:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3368", initial_release_date: "2025-03-27T17:45:39+00:00", revision_history: [ { date: "2025-03-27T17:45:39+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T17:45:39+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-23T07:14:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift AI 2.16", product: { name: "Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_ai:2.16::el8", }, }, }, ], category: "product_family", name: "Red Hat OpenShift AI", }, { branches: [ { category: "product_version", name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", product: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", product_id: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", product_identification_helper: { purl: "pkg:oci/odh-codeflare-operator-rhel8@sha256%3A8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742489156", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product_id: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", product_identification_helper: { purl: "pkg:oci/odh-dashboard-rhel8@sha256%3A13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1741963152", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Aee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851855", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3Ad7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851855", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product_id: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", product_identification_helper: { purl: "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3Aa0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487380", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product_id: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", product_identification_helper: { purl: "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3A2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487225", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", product: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", product_id: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", product_identification_helper: { purl: "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487199", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", product: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", product_id: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", product_identification_helper: { purl: "pkg:oci/odh-kueue-controller-rhel8@sha256%3A036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742569683", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Abe47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851679", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851679", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3A8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851679", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851679", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", product: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", product_id: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", product_identification_helper: { purl: "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742851679", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product_id: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", product_identification_helper: { purl: "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487039", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product_id: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", product_identification_helper: { purl: "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Af738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1741882429", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product_id: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-controller-rhel8@sha256%3A6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742480582", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742488678", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product_id: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", product_identification_helper: { purl: "pkg:oci/odh-model-registry-rhel8@sha256%3Ade5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742489233", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3A4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742488070", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3A11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487789", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product_id: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", product_identification_helper: { purl: "pkg:oci/odh-modelmesh-rhel8@sha256%3Ac499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742490565", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product_id: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", product_identification_helper: { purl: "pkg:oci/odh-notebook-controller-rhel8@sha256%3A4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487225", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", product: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", product_id: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", product_identification_helper: { purl: "pkg:oci/odh-operator-bundle@sha256%3A0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742921697", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", product: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", product_id: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", product_identification_helper: { purl: "pkg:oci/odh-rhel8-operator@sha256%3Ac11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.1-1742921168", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product_id: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", product_identification_helper: { purl: "pkg:oci/odh-training-operator-rhel8@sha256%3Ac8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742896493", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742891516", }, }, }, { category: "product_version", name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product_id: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", product_identification_helper: { purl: "pkg:oci/odh-trustyai-service-rhel8@sha256%3A633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be?arch=amd64&repository_url=registry.redhat.io/rhoai&tag=v2.16.2-1742487757", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64 as a component of Red Hat OpenShift AI 2.16", product_id: "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", }, product_reference: "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", relates_to_product_reference: "Red Hat OpenShift AI 2.16", }, ], }, vulnerabilities: [ { cve: "CVE-2024-21538", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-11-08T13:44:29.182678+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2324550", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.", title: "Vulnerability description", }, { category: "summary", text: "cross-spawn: regular expression denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-21538", }, { category: "external", summary: "RHBZ#2324550", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2324550", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-21538", url: "https://www.cve.org/CVERecord?id=CVE-2024-21538", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", url: "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", url: "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", }, { category: "external", summary: "https://github.com/moxystudio/node-cross-spawn/pull/160", url: "https://github.com/moxystudio/node-cross-spawn/pull/160", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", url: "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", }, ], release_date: "2024-11-08T05:00:04.695000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "cross-spawn: regular expression denial of service", }, { cve: "CVE-2024-45296", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-09-09T19:20:18.127723+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310908", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: Backtracking regular expressions cause ReDoS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45296", }, { category: "external", summary: "RHBZ#2310908", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310908", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45296", url: "https://www.cve.org/CVERecord?id=CVE-2024-45296", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45296", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", url: "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", url: "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j", }, ], release_date: "2024-09-09T19:15:13.330000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: Backtracking regular expressions cause ReDoS", }, { cve: "CVE-2024-45338", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-12-18T21:00:59.938173+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333122", }, ], notes: [ { category: "description", text: "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45338", }, { category: "external", summary: "RHBZ#2333122", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333122", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45338", url: "https://www.cve.org/CVERecord?id=CVE-2024-45338", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", }, { category: "external", summary: "https://go.dev/cl/637536", url: "https://go.dev/cl/637536", }, { category: "external", summary: "https://go.dev/issue/70906", url: "https://go.dev/issue/70906", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", url: "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3333", url: "https://pkg.go.dev/vuln/GO-2024-3333", }, ], release_date: "2024-12-18T20:38:22.660000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", }, { cve: "CVE-2024-45339", cwe: { id: "CWE-59", name: "Improper Link Resolution Before File Access ('Link Following')", }, discovery_date: "2025-01-28T02:00:48.029971+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2342463", }, ], notes: [ { category: "description", text: "A flaw was found in glog, a logging library. This vulnerability allows an unprivileged attacker to overwrite sensitive files via a symbolic link planted in a widely writable directory, exploiting the log file path predictability.", title: "Vulnerability description", }, { category: "summary", text: "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45339", }, { category: "external", summary: "RHBZ#2342463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2342463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45339", url: "https://www.cve.org/CVERecord?id=CVE-2024-45339", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45339", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45339", }, { category: "external", summary: "https://github.com/golang/glog/pull/74", url: "https://github.com/golang/glog/pull/74", }, { category: "external", summary: "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2", url: "https://github.com/golang/glog/pull/74/commits/b8741656e406e66d6992bc2c9575e460ecaa0ec2", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs", url: "https://groups.google.com/g/golang-announce/c/H-Q4ouHWyKs", }, { category: "external", summary: "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File", url: "https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3372", url: "https://pkg.go.dev/vuln/GO-2025-3372", }, ], release_date: "2025-01-28T01:03:24.105000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "github.com/golang/glog: Vulnerability when creating log files in github.com/golang/glog", }, { cve: "CVE-2024-52798", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2024-12-05T23:00:59.020167+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2330689", }, ], notes: [ { category: "description", text: "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.", title: "Vulnerability description", }, { category: "summary", text: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability exists because of an incomplete fix for CVE-2024-45296.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-52798", }, { category: "external", summary: "RHBZ#2330689", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2330689", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-52798", url: "https://www.cve.org/CVERecord?id=CVE-2024-52798", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-52798", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", url: "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4", }, { category: "external", summary: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", url: "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w", }, ], release_date: "2024-12-05T22:45:42.774000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, { category: "workaround", details: "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x", }, { cve: "CVE-2024-55565", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-12-09T02:00:45.255738+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2331063", }, ], notes: [ { category: "description", text: "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.", title: "Vulnerability description", }, { category: "summary", text: "nanoid: nanoid mishandles non-integer values", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-55565", }, { category: "external", summary: "RHBZ#2331063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2331063", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-55565", url: "https://www.cve.org/CVERecord?id=CVE-2024-55565", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-55565", }, { category: "external", summary: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", url: "https://github.com/ai/nanoid/compare/3.3.7...3.3.8", }, { category: "external", summary: "https://github.com/ai/nanoid/pull/510", url: "https://github.com/ai/nanoid/pull/510", }, { category: "external", summary: "https://github.com/ai/nanoid/releases/tag/5.0.9", url: "https://github.com/ai/nanoid/releases/tag/5.0.9", }, ], release_date: "2024-12-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nanoid: nanoid mishandles non-integer values", }, { cve: "CVE-2024-56171", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2025-02-18T23:01:25.366636+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2346416", }, ], notes: [ { category: "description", text: "A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use-After-Free in libxml2", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as important because it involves a use-after-free flaw in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions. A maliciously crafted XML document or schema, containing specific identity constraints, can be used to trigger this vulnerability and potentially gain unauthorized access or cause a denial-of-service condition.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56171", }, { category: "external", summary: "RHBZ#2346416", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56171", url: "https://www.cve.org/CVERecord?id=CVE-2024-56171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56171", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", }, ], release_date: "2025-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use-After-Free in libxml2", }, { cve: "CVE-2024-56201", cwe: { id: "CWE-150", name: "Improper Neutralization of Escape, Meta, or Control Sequences", }, discovery_date: "2024-12-23T16:00:38.768252+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333854", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through malicious filenames", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56201", }, { category: "external", summary: "RHBZ#2333854", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333854", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56201", url: "https://www.cve.org/CVERecord?id=CVE-2024-56201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", url: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", }, { category: "external", summary: "https://github.com/pallets/jinja/issues/1792", url: "https://github.com/pallets/jinja/issues/1792", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", url: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", }, ], release_date: "2024-12-23T15:37:36.110000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, { category: "workaround", details: "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jinja2: Jinja has a sandbox breakout through malicious filenames", }, { cve: "CVE-2025-22150", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, discovery_date: "2025-01-21T18:01:24.182126+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2339176", }, ], notes: [ { category: "description", text: "A flaw was found in the undici package for Node.js. Undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met.", title: "Vulnerability description", }, { category: "summary", text: "undici: Undici Uses Insufficiently Random Values", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22150", }, { category: "external", summary: "RHBZ#2339176", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2339176", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22150", url: "https://www.cve.org/CVERecord?id=CVE-2025-22150", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22150", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22150", }, { category: "external", summary: "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f", url: "https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f", }, { category: "external", summary: "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113", url: "https://github.com/nodejs/undici/blob/8b06b8250907d92fead664b3368f1d2aa27c1f35/lib/web/fetch/body.js#L113", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0", url: "https://github.com/nodejs/undici/commit/711e20772764c29f6622ddc937c63b6eefdf07d0", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a", url: "https://github.com/nodejs/undici/commit/c2d78cd19fe4f4c621424491e26ce299e65e934a", }, { category: "external", summary: "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385", url: "https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385", }, { category: "external", summary: "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975", url: "https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975", }, { category: "external", summary: "https://hackerone.com/reports/2913312", url: "https://hackerone.com/reports/2913312", }, ], release_date: "2025-01-21T17:46:58.872000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "undici: Undici Uses Insufficiently Random Values", }, { cve: "CVE-2025-24928", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, discovery_date: "2025-02-18T23:01:36.502916+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2346421", }, ], notes: [ { category: "description", text: "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-24928", }, { category: "external", summary: "RHBZ#2346421", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-24928", url: "https://www.cve.org/CVERecord?id=CVE-2025-24928", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-24928", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", url: "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", }, { category: "external", summary: "https://issues.oss-fuzz.com/issues/392687022", url: "https://issues.oss-fuzz.com/issues/392687022", }, ], release_date: "2025-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", }, { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2025-02-14T09:00:45.578144+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2345695", }, ], notes: [ { category: "description", text: "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.", title: "Vulnerability description", }, { category: "summary", text: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], known_not_affected: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "RHBZ#2345695", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2345695", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-26791", url: "https://www.cve.org/CVERecord?id=CVE-2025-26791", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { category: "external", summary: "https://ensy.zip/posts/dompurify-323-bypass/", url: "https://ensy.zip/posts/dompurify-323-bypass/", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { category: "external", summary: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { category: "external", summary: "https://nsysean.github.io/posts/dompurify-323-bypass/", url: "https://nsysean.github.io/posts/dompurify-323-bypass/", }, ], release_date: "2025-02-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T17:45:39+00:00", details: "For Red Hat OpenShift AI 2.16.0 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/", product_ids: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3368", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:8d78e6f1c302b1de6c45435a3d49c807fe5e4dbfe3e7a3d3ebfa0cac6318e79a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:13da7e12e135cdb33c89686eca84cffae8ef691fcb4f346622ebd9b47f0a69ee_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:be47d58f1943c5b4becc8cb541d9b0a53e6811451d9010c447b2c3e9b85c06c2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:96253b1b94bbaab87d4f8118dfee323eefebdc3734a7e01ebcf906dbc02a2a55_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:52613c18ed44062b6e5d5b748572dad624f773a83dbc7251ff87a807142e118a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:f738aab1eab25854c93e1d8d4d98100a8ae7bb45a6b83f0326774e4220b1183b_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:22557a6fa52d2f311750a9ba253860f423ba697d26efa02ef8524a8258d2a909_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:de5f91180ead7d73a1825fe8b032fde9b8b01392569c9789f5ce1b4b9c08a98f_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:11a301728573adf2b64ea72d0cb2d83ea5d4dbebea759f346e99f18c3d368c6e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:0471c444b4e0c6da97abf7936fe3af89fca6abbd5dca8a31db141c47a9af99db_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:c11b8f601a8a0d5fb6719c4c10bf7438ba242cc33d60e035e4cb4b0ae3c19105_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:c8456d98e90b6505957ab3686e9fd2f156e29f123c5558e581c206daf1e7d93a_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:3dc803cd65232113ec9b0bd529a4c98bd86936e5de85cc4e9b7b1f361d4db38e_amd64", "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:633984b538f027c93c5886ea1045dcbe81eeda74acf80001d5fc5f765bdbe0be_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling", }, ], }
opensuse-su-2025:14921-1
Vulnerability from csaf_opensuse
Published
2025-03-25 00:00
Modified
2025-03-25 00:00
Summary
argocd-cli-2.14.8-1.1 on GA media
Notes
Title of the patch
argocd-cli-2.14.8-1.1 on GA media
Description of the patch
These are all security issues fixed in the argocd-cli-2.14.8-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14921
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "argocd-cli-2.14.8-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the argocd-cli-2.14.8-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14921", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14921-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14921-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TTJ7LJNX5AFLSOMXVINY4EKWQGZA76AH/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14921-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TTJ7LJNX5AFLSOMXVINY4EKWQGZA76AH/", }, { category: "self", summary: "SUSE CVE CVE-2025-26791 page", url: "https://www.suse.com/security/cve/CVE-2025-26791/", }, ], title: "argocd-cli-2.14.8-1.1 on GA media", tracking: { current_release_date: "2025-03-25T00:00:00Z", generator: { date: "2025-03-25T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14921-1", initial_release_date: "2025-03-25T00:00:00Z", revision_history: [ { date: "2025-03-25T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "argocd-cli-2.14.8-1.1.aarch64", product: { name: "argocd-cli-2.14.8-1.1.aarch64", product_id: "argocd-cli-2.14.8-1.1.aarch64", }, }, { category: "product_version", name: "argocd-cli-bash-completion-2.14.8-1.1.aarch64", product: { name: "argocd-cli-bash-completion-2.14.8-1.1.aarch64", product_id: "argocd-cli-bash-completion-2.14.8-1.1.aarch64", }, }, { category: "product_version", name: "argocd-cli-zsh-completion-2.14.8-1.1.aarch64", product: { name: "argocd-cli-zsh-completion-2.14.8-1.1.aarch64", product_id: "argocd-cli-zsh-completion-2.14.8-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "argocd-cli-2.14.8-1.1.ppc64le", product: { name: "argocd-cli-2.14.8-1.1.ppc64le", product_id: "argocd-cli-2.14.8-1.1.ppc64le", }, }, { category: "product_version", name: "argocd-cli-bash-completion-2.14.8-1.1.ppc64le", product: { name: "argocd-cli-bash-completion-2.14.8-1.1.ppc64le", product_id: "argocd-cli-bash-completion-2.14.8-1.1.ppc64le", }, }, { category: "product_version", name: "argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", product: { name: "argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", product_id: "argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "argocd-cli-2.14.8-1.1.s390x", product: { name: "argocd-cli-2.14.8-1.1.s390x", product_id: "argocd-cli-2.14.8-1.1.s390x", }, }, { category: "product_version", name: "argocd-cli-bash-completion-2.14.8-1.1.s390x", product: { name: "argocd-cli-bash-completion-2.14.8-1.1.s390x", product_id: "argocd-cli-bash-completion-2.14.8-1.1.s390x", }, }, { category: "product_version", name: "argocd-cli-zsh-completion-2.14.8-1.1.s390x", product: { name: "argocd-cli-zsh-completion-2.14.8-1.1.s390x", product_id: "argocd-cli-zsh-completion-2.14.8-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "argocd-cli-2.14.8-1.1.x86_64", product: { name: "argocd-cli-2.14.8-1.1.x86_64", product_id: "argocd-cli-2.14.8-1.1.x86_64", }, }, { category: "product_version", name: "argocd-cli-bash-completion-2.14.8-1.1.x86_64", product: { name: "argocd-cli-bash-completion-2.14.8-1.1.x86_64", product_id: "argocd-cli-bash-completion-2.14.8-1.1.x86_64", }, }, { category: "product_version", name: "argocd-cli-zsh-completion-2.14.8-1.1.x86_64", product: { name: "argocd-cli-zsh-completion-2.14.8-1.1.x86_64", product_id: "argocd-cli-zsh-completion-2.14.8-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "argocd-cli-2.14.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.aarch64", }, product_reference: "argocd-cli-2.14.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-2.14.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.ppc64le", }, product_reference: "argocd-cli-2.14.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-2.14.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.s390x", }, product_reference: "argocd-cli-2.14.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-2.14.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.x86_64", }, product_reference: "argocd-cli-2.14.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-bash-completion-2.14.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.aarch64", }, product_reference: "argocd-cli-bash-completion-2.14.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-bash-completion-2.14.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.ppc64le", }, product_reference: "argocd-cli-bash-completion-2.14.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-bash-completion-2.14.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.s390x", }, product_reference: "argocd-cli-bash-completion-2.14.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-bash-completion-2.14.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.x86_64", }, product_reference: "argocd-cli-bash-completion-2.14.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-zsh-completion-2.14.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.aarch64", }, product_reference: "argocd-cli-zsh-completion-2.14.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-zsh-completion-2.14.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", }, product_reference: "argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-zsh-completion-2.14.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.s390x", }, product_reference: "argocd-cli-zsh-completion-2.14.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "argocd-cli-zsh-completion-2.14.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.x86_64", }, product_reference: "argocd-cli-zsh-completion-2.14.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-26791", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-26791", }, ], notes: [ { category: "general", text: "DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-26791", url: "https://www.suse.com/security/cve/CVE-2025-26791", }, { category: "external", summary: "SUSE Bug 1237712 for CVE-2025-26791", url: "https://bugzilla.suse.com/1237712", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-bash-completion-2.14.8-1.1.x86_64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.aarch64", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.ppc64le", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.s390x", "openSUSE Tumbleweed:argocd-cli-zsh-completion-2.14.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-25T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-26791", }, ], }
ghsa-vhxf-7vqr-mrjg
Vulnerability from github
Published
2025-02-14 09:31
Modified
2025-02-14 18:05
Severity ?
Summary
DOMPurify allows Cross-site Scripting (XSS)
Details
DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).
{ affected: [ { package: { ecosystem: "npm", name: "dompurify", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "3.2.4", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2025-26791", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: true, github_reviewed_at: "2025-02-14T18:05:08Z", nvd_published_at: "2025-02-14T09:15:08Z", severity: "MODERATE", }, details: "DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).", id: "GHSA-vhxf-7vqr-mrjg", modified: "2025-02-14T18:05:08Z", published: "2025-02-14T09:31:22Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-26791", }, { type: "WEB", url: "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02", }, { type: "WEB", url: "https://ensy.zip/posts/dompurify-323-bypass", }, { type: "PACKAGE", url: "https://github.com/cure53/DOMPurify", }, { type: "WEB", url: "https://github.com/cure53/DOMPurify/releases/tag/3.2.4", }, { type: "WEB", url: "https://nsysean.github.io/posts/dompurify-323-bypass", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", type: "CVSS_V3", }, ], summary: "DOMPurify allows Cross-site Scripting (XSS)", }
ncsc-2025-0123
Vulnerability from csaf_ncscnl
Published
2025-04-16 08:37
Modified
2025-04-16 08:37
Summary
Kwetsbaarheden verholpen in Oracle Database Producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-385
Covert Timing Channel
CWE-347
Improper Verification of Cryptographic Signature
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-400
Uncontrolled Resource Consumption
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-787
Out-of-bounds Write
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-44
Path Equivalence: 'file.name' (Internal Dot)
CWE-226
Sensitive Information in Resource Not Removed Before Reuse
CWE-706
Use of Incorrectly-Resolved Name or Reference
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-755
Improper Handling of Exceptional Conditions
CWE-178
Improper Handling of Case Sensitivity
CWE-193
Off-by-one Error
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-523
Unprotected Transport of Credentials
CWE-190
Integer Overflow or Wraparound
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-285
Improper Authorization
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-284
Improper Access Control
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-476
NULL Pointer Dereference
CWE-459
Incomplete Cleanup
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-674
Uncontrolled Recursion
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-269
Improper Privilege Management
CWE-287
Improper Authentication
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.", title: "Feiten", }, { category: "description", text: "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Covert Timing Channel", title: "CWE-385", }, { category: "general", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "Improper Validation of Syntactic Correctness of Input", title: "CWE-1286", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "Path Equivalence: 'file.name' (Internal Dot)", title: "CWE-44", }, { category: "general", text: "Sensitive Information in Resource Not Removed Before Reuse", title: "CWE-226", }, { category: "general", text: "Use of Incorrectly-Resolved Name or Reference", title: "CWE-706", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, { category: "general", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "Off-by-one Error", title: "CWE-193", }, { category: "general", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Unprotected Transport of Credentials", title: "CWE-523", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", title: "CWE-614", }, { category: "general", text: "Improper Authorization", title: "CWE-285", }, { category: "general", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, { category: "general", text: "Improper Access Control", title: "CWE-284", }, { category: "general", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Incomplete Cleanup", title: "CWE-459", }, { category: "general", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "general", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Improper Privilege Management", title: "CWE-269", }, { category: "general", text: "Improper Authentication", title: "CWE-287", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpuapr2025.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Database Producten", tracking: { current_release_date: "2025-04-16T08:37:39.412900Z", generator: { date: "2025-02-25T15:15:00Z", engine: { name: "V.A.", version: "1.0", }, }, id: "NCSC-2025-0123", initial_release_date: "2025-04-16T08:37:39.412900Z", revision_history: [ { date: "2025-04-16T08:37:39.412900Z", number: "1.0.0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:unknown/22.1", product: { name: "vers:unknown/22.1", product_id: "CSAFPID-1304603", }, }, ], category: "product_name", name: "Database Server", }, { branches: [ { category: "product_version_range", name: "vers:unknown/13.5.0.0", product: { name: "vers:unknown/13.5.0.0", product_id: "CSAFPID-1201359", }, }, ], category: "product_name", name: "Enterprise Manager for Oracle Database", }, { branches: [ { category: "product_version_range", name: "vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219", product: { name: "vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219", product_id: "CSAFPID-2698376", }, }, { category: "product_version_range", name: "vers:unknown/>=21.3|<=21.17", product: { name: "vers:unknown/>=21.3|<=21.17", product_id: "CSAFPID-2698377", }, }, ], category: "product_name", name: "GoldenGate", }, { branches: [ { category: "product_version_range", name: "vers:oracle/23.1", product: { name: "vers:oracle/23.1", product_id: "CSAFPID-1238473", }, }, { category: "product_version_range", name: "vers:unknown/2.0", product: { name: "vers:unknown/2.0", product_id: "CSAFPID-1237753", }, }, { category: "product_version_range", name: "vers:unknown/20.2", product: { name: "vers:unknown/20.2", product_id: "CSAFPID-1238475", }, }, { category: "product_version_range", name: "vers:unknown/23.1", product: { name: "vers:unknown/23.1", product_id: "CSAFPID-1296375", }, }, { category: "product_version_range", name: "vers:unknown/none", product: { name: "vers:unknown/none", product_id: "CSAFPID-1237603", }, }, ], category: "product_name", name: "Big Data Spatial and Graph", }, ], category: "product_family", name: "Oracle", }, { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.3|<=19.22", product: { name: "vers:oracle/>=19.3|<=19.22", product_id: "CSAFPID-1145825", }, }, { category: "product_version_range", name: "vers:oracle/>=21.3|<=21.13", product: { name: "vers:oracle/>=21.3|<=21.13", product_id: "CSAFPID-1145826", }, }, ], category: "product_name", name: "Oracle Database Server", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.3|<=19.26", product: { name: "vers:oracle/>=19.3|<=19.26", product_id: "CSAFPID-2698969", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=21.3|<=21.17", product: { name: "vers:oracle/>=21.3|<=21.17", product_id: "CSAFPID-2698968", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=21.4|<=21.16", product: { name: "vers:oracle/>=21.4|<=21.16", product_id: "CSAFPID-1839905", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=23.4|<=23.7", product: { name: "vers:oracle/>=23.4|<=23.7", product_id: "CSAFPID-2698934", product_identification_helper: { cpe: "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle Database Server", }, ], category: "product_family", name: "Oracle Database Server", }, { branches: [ { category: "product_version_range", name: "vers:oracle/13.5.0.0", product: { name: "vers:oracle/13.5.0.0", product_id: "CSAFPID-1144644", }, }, ], category: "product_name", name: "Oracle Enterprise Manager for Oracle Database", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/1.5.0", product: { name: "vers:oracle/1.5.0", product_id: "CSAFPID-2699002", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/1.6.0", product: { name: "vers:oracle/1.6.0", product_id: "CSAFPID-2699003", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/1.6.1", product: { name: "vers:oracle/1.6.1", product_id: "CSAFPID-2699004", product_identification_helper: { cpe: "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle NoSQL Database", }, ], category: "product_family", name: "Oracle NoSQL Database", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0", product: { name: "vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0", product_id: "CSAFPID-2699053", product_identification_helper: { cpe: "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle TimesTen In-Memory Database", }, ], category: "product_family", name: "Oracle TimesTen In-Memory Database", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/25.1.0", product: { name: "vers:oracle/25.1.0", product_id: "CSAFPID-2698932", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/25.2.0", product: { name: "vers:oracle/25.2.0", product_id: "CSAFPID-2698931", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=23.8.0|<=23.11.0", product: { name: "vers:oracle/>=23.8.0|<=23.11.0", product_id: "CSAFPID-2698930", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=24.1.0|<=24.11.0", product: { name: "vers:oracle/>=24.1.0|<=24.11.0", product_id: "CSAFPID-2698933", product_identification_helper: { cpe: "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Autonomous Health Framework", }, ], category: "product_family", name: "Oracle Autonomous Health Framework", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/21.7.1.0.0", product: { name: "vers:oracle/21.7.1.0.0", product_id: "CSAFPID-2698943", product_identification_helper: { cpe: "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle Essbase", }, ], category: "product_family", name: "Oracle Essbase", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10", product: { name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10", product_id: "CSAFPID-2698949", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "GoldenGate Stream Analytics", }, { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219", product: { name: "vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219", product_id: "CSAFPID-2698941", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=21.3|<=21.17", product: { name: "vers:oracle/>=21.3|<=21.17", product_id: "CSAFPID-2698942", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=23.4|<=23.7", product: { name: "vers:oracle/>=23.4|<=23.7", product_id: "CSAFPID-2699022", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle GoldenGate", }, { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18", product: { name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18", product_id: "CSAFPID-1839977", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0", product: { name: "vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0", product_id: "CSAFPID-1840034", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/>=23.4|<=23.6", product: { name: "vers:oracle/>=23.4|<=23.6", product_id: "CSAFPID-1840035", product_identification_helper: { cpe: "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle GoldenGate Big Data and Application Adapters", }, ], category: "product_family", name: "Oracle GoldenGate", }, { branches: [ { category: "product_version_range", name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7", product: { name: "vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7", product_id: "CSAFPID-1144602", }, }, ], category: "product_name", name: "Oracle GoldenGate Stream Analytics", }, { branches: [ { category: "product_version_range", name: "vers:oracle/<23.1", product: { name: "vers:oracle/<23.1", product_id: "CSAFPID-1145800", }, }, { category: "product_version_range", name: "vers:unknown/2.0", product: { name: "vers:unknown/2.0", product_id: "CSAFPID-356315", product_identification_helper: { cpe: "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:unknown/23.1", product: { name: "vers:unknown/23.1", product_id: "CSAFPID-356152", }, }, ], category: "product_name", name: "Big Data Spatial and Graph", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/23.4.3", product: { name: "vers:oracle/23.4.3", product_id: "CSAFPID-2699065", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/24.3.0", product: { name: "vers:oracle/24.3.0", product_id: "CSAFPID-2699066", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/23.4.4", product: { name: "vers:oracle/23.4.4", product_id: "CSAFPID-1840017", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/24.4.0", product: { name: "vers:oracle/24.4.0", product_id: "CSAFPID-1840013", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Graph Server and Client", }, ], category: "product_family", name: "Oracle Graph Server and Client", }, { branches: [ { category: "product_version_range", name: "vers:oracle/<=22.4.7", product: { name: "vers:oracle/<=22.4.7", product_id: "CSAFPID-1145419", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/<=23.4.2", product: { name: "vers:oracle/<=23.4.2", product_id: "CSAFPID-1145421", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/<=24.1.0", product: { name: "vers:oracle/<=24.1.0", product_id: "CSAFPID-1145422", product_identification_helper: { cpe: "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Graph Server and Client", }, { branches: [ { category: "product_version_range", name: "vers:oracle/3.0.6", product: { name: "vers:oracle/3.0.6", product_id: "CSAFPID-1145420", product_identification_helper: { cpe: "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle Big Data Spatial and Graph", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:oracle/12.1.0.1", product: { name: "vers:oracle/12.1.0.1", product_id: "CSAFPID-2699109", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/12.1.0.2", product: { name: "vers:oracle/12.1.0.2", product_id: "CSAFPID-2699107", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/12.1.0.3", product: { name: "vers:oracle/12.1.0.3", product_id: "CSAFPID-2699106", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/18.1.0.0", product: { name: "vers:oracle/18.1.0.0", product_id: "CSAFPID-2699110", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/18.1.0.1", product: { name: "vers:oracle/18.1.0.1", product_id: "CSAFPID-2698972", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*", }, }, }, { category: "product_version_range", name: "vers:oracle/18.1.0.2", product: { name: "vers:oracle/18.1.0.2", product_id: "CSAFPID-2699108", product_identification_helper: { cpe: "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*", }, }, }, ], category: "product_name", name: "Oracle Secure Backup", }, ], category: "product_family", name: "Oracle Secure Backup", }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_version_range", name: "vers:semver/19.3|<=19.26", product: { name: "vers:semver/19.3|<=19.26", product_id: "CSAFPID-2698485", }, }, { category: "product_version_range", name: "vers:semver/21.3|<=21.17", product: { name: "vers:semver/21.3|<=21.17", product_id: "CSAFPID-2698486", }, }, { category: "product_version_range", name: "vers:semver/23.4|<=23.7", product: { name: "vers:semver/23.4|<=23.7", product_id: "CSAFPID-2698487", }, }, ], category: "product_name", name: "Oracle Database Server", }, { branches: [ { category: "product_version_range", name: "vers:semver/12.1.0.1", product: { name: "vers:semver/12.1.0.1", product_id: "CSAFPID-2698463", }, }, { category: "product_version_range", name: "vers:semver/12.1.0.2", product: { name: "vers:semver/12.1.0.2", product_id: "CSAFPID-2698464", }, }, { category: "product_version_range", name: "vers:semver/12.1.0.3", product: { name: "vers:semver/12.1.0.3", product_id: "CSAFPID-2698465", }, }, { category: "product_version_range", name: "vers:semver/18.1.0.0", product: { name: "vers:semver/18.1.0.0", product_id: "CSAFPID-2698466", }, }, { category: "product_version_range", name: "vers:semver/18.1.0.1", product: { name: "vers:semver/18.1.0.1", product_id: "CSAFPID-2698467", }, }, { category: "product_version_range", name: "vers:semver/18.1.0.2", product: { name: "vers:semver/18.1.0.2", product_id: "CSAFPID-2698468", }, }, ], category: "product_name", name: "Oracle Secure Backup", }, ], category: "vendor", name: "Oracle Corporation", }, ], }, vulnerabilities: [ { cve: "CVE-2020-1935", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-1935", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2020-1935", }, { cve: "CVE-2020-1938", cwe: { id: "CWE-285", name: "Improper Authorization", }, notes: [ { category: "other", text: "Improper Authorization", title: "CWE-285", }, { category: "other", text: "Improper Privilege Management", title: "CWE-269", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-1938", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2020-1938", }, { cve: "CVE-2020-9484", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-9484", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2020-9484", }, { cve: "CVE-2020-11996", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-11996", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json", }, ], title: "CVE-2020-11996", }, { cve: "CVE-2020-13935", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-13935", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json", }, ], title: "CVE-2020-13935", }, { cve: "CVE-2020-13943", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-13943", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2020-13943", }, { cve: "CVE-2020-36843", cwe: { id: "CWE-347", name: "Improper Verification of Cryptographic Signature", }, notes: [ { category: "other", text: "Improper Verification of Cryptographic Signature", title: "CWE-347", }, { category: "general", text: "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2020-36843", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2020-36843", }, { cve: "CVE-2021-24122", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-24122", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-24122", }, { cve: "CVE-2021-25122", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-25122", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-25122", }, { cve: "CVE-2021-25329", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-25329", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-25329", }, { cve: "CVE-2021-30640", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-30640", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-30640", }, { cve: "CVE-2021-33037", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-33037", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-33037", }, { cve: "CVE-2021-41079", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-41079", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-41079", }, { cve: "CVE-2021-41184", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-41184", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-41184", }, { cve: "CVE-2021-42575", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-42575", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json", }, ], title: "CVE-2021-42575", }, { cve: "CVE-2021-43980", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "other", text: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", title: "CWE-362", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2021-43980", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2021-43980", }, { cve: "CVE-2022-3786", cwe: { id: "CWE-193", name: "Off-by-one Error", }, notes: [ { category: "other", text: "Off-by-one Error", title: "CWE-193", }, { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2022-3786", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2022-3786", }, { cve: "CVE-2022-25762", cwe: { id: "CWE-226", name: "Sensitive Information in Resource Not Removed Before Reuse", }, notes: [ { category: "other", text: "Sensitive Information in Resource Not Removed Before Reuse", title: "CWE-226", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Improper Handling of Exceptional Conditions", title: "CWE-755", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2022-25762", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2022-25762", }, { cve: "CVE-2022-42252", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2022-42252", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2022-42252", }, { cve: "CVE-2023-28708", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Unprotected Transport of Credentials", title: "CWE-523", }, { category: "other", text: "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute", title: "CWE-614", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-28708", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-28708", }, { cve: "CVE-2023-34053", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-34053", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-34053", }, { cve: "CVE-2023-41080", cwe: { id: "CWE-601", name: "URL Redirection to Untrusted Site ('Open Redirect')", }, notes: [ { category: "other", text: "URL Redirection to Untrusted Site ('Open Redirect')", title: "CWE-601", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-41080", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-41080", }, { cve: "CVE-2023-42795", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "other", text: "Incomplete Cleanup", title: "CWE-459", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-42795", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-42795", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-45648", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-45648", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-45648", }, { cve: "CVE-2023-46589", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2023-46589", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2023-46589", }, { cve: "CVE-2024-6763", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "other", text: "Improper Validation of Syntactic Correctness of Input", title: "CWE-1286", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-6763", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json", }, ], title: "CVE-2024-6763", }, { cve: "CVE-2024-8176", cwe: { id: "CWE-121", name: "Stack-based Buffer Overflow", }, notes: [ { category: "other", text: "Stack-based Buffer Overflow", title: "CWE-121", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-8176", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-8176", }, { cve: "CVE-2024-8184", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-8184", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-8184", }, { cve: "CVE-2024-9143", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-9143", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json", }, ], title: "CVE-2024-9143", }, { cve: "CVE-2024-11053", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-11053", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-11053", }, { cve: "CVE-2024-11233", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "other", text: "Heap-based Buffer Overflow", title: "CWE-122", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-11233", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-11233", }, { cve: "CVE-2024-11234", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "other", text: "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", title: "CWE-74", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-11234", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json", }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-11234", }, { cve: "CVE-2024-11236", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-11236", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-11236", }, { cve: "CVE-2024-13176", cwe: { id: "CWE-385", name: "Covert Timing Channel", }, notes: [ { category: "other", text: "Covert Timing Channel", title: "CWE-385", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-13176", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-13176", }, { cve: "CVE-2024-23672", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, notes: [ { category: "other", text: "Incomplete Cleanup", title: "CWE-459", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-23672", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-23672", }, { cve: "CVE-2024-24549", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-24549", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-24549", }, { cve: "CVE-2024-36114", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-36114", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-36114", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38819", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "other", text: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", title: "CWE-22", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-38819", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-38819", }, { cve: "CVE-2024-38820", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-38820", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-38820", }, { cve: "CVE-2024-38999", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, notes: [ { category: "other", text: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", title: "CWE-1321", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-38999", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json", }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-38999", }, { cve: "CVE-2024-39338", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, notes: [ { category: "other", text: "Server-Side Request Forgery (SSRF)", title: "CWE-918", }, { category: "general", text: "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-39338", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-39338", }, { cve: "CVE-2024-47554", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-47554", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-47554", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-47561", }, { cve: "CVE-2024-53382", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, notes: [ { category: "other", text: "Improper Control of Generation of Code ('Code Injection')", title: "CWE-94", }, { category: "general", text: "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-53382", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json", }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-53382", }, { cve: "CVE-2024-57699", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2024-57699", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2024-57699", }, { cve: "CVE-2025-21578", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-21578", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json", }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-21578", }, { cve: "CVE-2025-24813", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "other", text: "Path Equivalence: 'file.name' (Internal Dot)", title: "CWE-44", }, { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "other", text: "Use of Incorrectly-Resolved Name or Reference", title: "CWE-706", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-24813", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-24813", }, { cve: "CVE-2025-24970", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-24970", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-24970", }, { cve: "CVE-2025-25193", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-25193", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-25193", }, { cve: "CVE-2025-26791", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-26791", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json", }, ], scores: [ { cvss_v3: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-26791", }, { cve: "CVE-2025-30694", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-30694", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-30694", }, { cve: "CVE-2025-30701", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-30701", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-30701", }, { cve: "CVE-2025-30702", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-30702", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-30702", }, { cve: "CVE-2025-30733", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-30733", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-30733", }, { cve: "CVE-2025-30736", product_status: { known_affected: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, references: [ { category: "self", summary: "CVE-2025-30736", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json", }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-1304603", "CSAFPID-1201359", "CSAFPID-1145825", "CSAFPID-2698969", "CSAFPID-1145826", "CSAFPID-2698968", "CSAFPID-1839905", "CSAFPID-2698934", "CSAFPID-1144644", "CSAFPID-2699002", "CSAFPID-2699003", "CSAFPID-2699004", "CSAFPID-2699053", "CSAFPID-2698485", "CSAFPID-2698486", "CSAFPID-2698487", "CSAFPID-2698932", "CSAFPID-2698931", "CSAFPID-2698930", "CSAFPID-2698933", "CSAFPID-2698943", "CSAFPID-2698376", "CSAFPID-2698377", "CSAFPID-2698949", "CSAFPID-2698941", "CSAFPID-2698942", "CSAFPID-2699022", "CSAFPID-1839977", "CSAFPID-1840034", "CSAFPID-1840035", "CSAFPID-1144602", "CSAFPID-1238473", "CSAFPID-1145800", "CSAFPID-356315", "CSAFPID-1237753", "CSAFPID-1238475", "CSAFPID-1296375", "CSAFPID-356152", "CSAFPID-1237603", "CSAFPID-2699065", "CSAFPID-2699066", "CSAFPID-1840017", "CSAFPID-1840013", "CSAFPID-1145419", "CSAFPID-1145421", "CSAFPID-1145422", "CSAFPID-1145420", "CSAFPID-2699109", "CSAFPID-2699107", "CSAFPID-2699106", "CSAFPID-2699110", "CSAFPID-2698972", "CSAFPID-2699108", "CSAFPID-2698463", "CSAFPID-2698464", "CSAFPID-2698465", "CSAFPID-2698466", "CSAFPID-2698467", "CSAFPID-2698468", ], }, ], title: "CVE-2025-30736", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.