rhsa-2022:8634
Vulnerability from csaf_redhat
Published
2022-11-28 02:51
Modified
2025-10-10 02:06
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.1.1 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.1.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8634",
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "2107386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
},
{
"category": "external",
"summary": "2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "OADP-1002",
"url": "https://issues.redhat.com/browse/OADP-1002"
},
{
"category": "external",
"summary": "OADP-1016",
"url": "https://issues.redhat.com/browse/OADP-1016"
},
{
"category": "external",
"summary": "OADP-1020",
"url": "https://issues.redhat.com/browse/OADP-1020"
},
{
"category": "external",
"summary": "OADP-1027",
"url": "https://issues.redhat.com/browse/OADP-1027"
},
{
"category": "external",
"summary": "OADP-608",
"url": "https://issues.redhat.com/browse/OADP-608"
},
{
"category": "external",
"summary": "OADP-609",
"url": "https://issues.redhat.com/browse/OADP-609"
},
{
"category": "external",
"summary": "OADP-611",
"url": "https://issues.redhat.com/browse/OADP-611"
},
{
"category": "external",
"summary": "OADP-612",
"url": "https://issues.redhat.com/browse/OADP-612"
},
{
"category": "external",
"summary": "OADP-642",
"url": "https://issues.redhat.com/browse/OADP-642"
},
{
"category": "external",
"summary": "OADP-645",
"url": "https://issues.redhat.com/browse/OADP-645"
},
{
"category": "external",
"summary": "OADP-662",
"url": "https://issues.redhat.com/browse/OADP-662"
},
{
"category": "external",
"summary": "OADP-724",
"url": "https://issues.redhat.com/browse/OADP-724"
},
{
"category": "external",
"summary": "OADP-725",
"url": "https://issues.redhat.com/browse/OADP-725"
},
{
"category": "external",
"summary": "OADP-731",
"url": "https://issues.redhat.com/browse/OADP-731"
},
{
"category": "external",
"summary": "OADP-741",
"url": "https://issues.redhat.com/browse/OADP-741"
},
{
"category": "external",
"summary": "OADP-774",
"url": "https://issues.redhat.com/browse/OADP-774"
},
{
"category": "external",
"summary": "OADP-794",
"url": "https://issues.redhat.com/browse/OADP-794"
},
{
"category": "external",
"summary": "OADP-825",
"url": "https://issues.redhat.com/browse/OADP-825"
},
{
"category": "external",
"summary": "OADP-849",
"url": "https://issues.redhat.com/browse/OADP-849"
},
{
"category": "external",
"summary": "OADP-927",
"url": "https://issues.redhat.com/browse/OADP-927"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8634.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update",
"tracking": {
"current_release_date": "2025-10-10T02:06:53+00:00",
"generator": {
"date": "2025-10-10T02:06:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2022:8634",
"initial_release_date": "2022-11-28T02:51:35+00:00",
"revision_history": [
{
"date": "2022-11-28T02:51:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-28T02:51:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T02:06:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.1",
"product": {
"name": "8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product_id": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product_id": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product_id": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product_id": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27191",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064702"
}
],
"notes": [
{
"category": "description",
"text": "A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crash in a golang.org/x/crypto/ssh server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP) the vulnerable golang.org/x/crypto/ssh package is bundled in many components. The affected code is in the SSH server portion that is not used, hence the impact by this vulnerability is reduced. Additionally the OCP installer components, that also bundle vulnerable golang.org/x/crypto/ssh package, are used only during the cluster installation process, hence for already deployed and running OCP clusters the installer components are considered as affected by this vulnerability but not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "RHBZ#2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T02:51:35+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crash in a golang.org/x/crypto/ssh server"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T02:51:35+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-30632",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: path/filepath: stack exhaustion in Glob",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The exploitation of this flaw will only result in a denial of service of the application via the application crashing which is why this has been rated as moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30632"
},
{
"category": "external",
"summary": "RHBZ#2107386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
},
{
"category": "external",
"summary": "https://go.dev/issue/53416",
"url": "https://go.dev/issue/53416"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T02:51:35+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: path/filepath: stack exhaustion in Glob"
},
{
"cve": "CVE-2022-30635",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.The vulnerability has been rated as moderate instead of high because the vulnerability can only result in a minor denial of service.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30635"
},
{
"category": "external",
"summary": "RHBZ#2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
},
{
"category": "external",
"summary": "https://go.dev/issue/53615",
"url": "https://go.dev/issue/53615"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T02:51:35+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T02:51:35+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…