rhsa-2022_0227
Vulnerability from csaf_redhat
Published
2022-01-20 21:40
Modified
2024-11-24 21:30
Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)
Notes
Topic
An update is now available for OpenShift Logging (5.3.3)
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.3)
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Logging (5.3.3)\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Bug Fix Release (5.3.3)\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0227", "url": "https://access.redhat.com/errata/RHSA-2022:0227" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1940613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" }, { "category": "external", "summary": "2035951", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0227.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.3)", "tracking": { "current_release_date": "2024-11-24T21:30:11+00:00", "generator": { "date": "2024-11-24T21:30:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:0227", "initial_release_date": "2022-01-20T21:40:25+00:00", "revision_history": [ { "date": "2022-01-20T21:40:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-01-20T21:40:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-24T21:30:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.3", "product": { "name": "OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.3::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.3-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.3-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.3-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-103" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-70" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-72" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-99" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-98" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-103" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-109" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-27292", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1940613" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27292" }, { "category": "external", "summary": "RHBZ#1940613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292" }, { "category": "external", "summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" } ], "release_date": "2021-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T21:40:25+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0227" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header" }, { "cve": "CVE-2021-44832", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2035951" } ], "notes": [ { "category": "description", "text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j-core: remote code execution via JDBC Appender", "title": "Vulnerability summary" }, { "category": "other", "text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44832" }, { "category": "external", "summary": "RHBZ#2035951", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832" }, { "category": "external", "summary": "https://issues.apache.org/jira/browse/LOG4J2-3293", "url": "https://issues.apache.org/jira/browse/LOG4J2-3293" } ], "release_date": "2021-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-20T21:40:25+00:00", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0227" }, { "category": "workaround", "details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:1eab02e25f64839b15747d2bb8e0e6f8c3f632e9372a5ee926cde2c1e5cbc998_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6c544de84925d0e3883a5d091c17a33362a0138271bbbda6663eb1407f98e0c5_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:74e4ae6c04abc489b90cab07c40f24f68ab7f92e366d3661ba3130ca6fa205c9_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:9f622b5daa152e2b8d94fa12defc3c08d93fddb34b1b4edbf841da5f00d7918d_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:eec91dbe056a85b3a8b61c5ce4d9383e182440f5ea496fac64a22cd7920daf5f_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:183da02fcaa5915a0552e5c4c4716b521cb5a698590fc1f58e0cede837f52b49_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1d7fe3558d416cf1ce9cd59e68f71ac3123b1cb8a3435001d2fa356198ea821c_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:37eda3069f8fb47a90b0adef38e93df074dbe57821e3c306da03e2c1e267e9ed_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1209bca75d71152af832b0e11dfee461f4c6fdbeda6b91743e637ce453702f3c_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:1e342d10db70e1b160f906c65e6caa25aa64c519dd7ae7e8233fe2fe65121207_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:f7e2c329f04793173ae4412aa096cf86ce7225c94b059c56d8c9e7dbe71b9a19_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:440473f04ef4cfd1d016063daabf011eb2ba6b9acea96312a72f215277333e53_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:956fb983f6ca0991c2d2a03f7054bd2c9881c03883e44d7b695dba475df62a29_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:b1b03c78595d10ae30b5a35983784eaea11f1f9763944b2f9938117149bdd511_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4b114196ac78f93575475437a794c881fe79126f3e73fed1fe5ea9f89fcdb6c1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:4cf7cc86ccb8059ee5083d6e68a413e1db804ff45e126a9f87b1d52e8dd82855_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:ae0cf89749b44739b6f2560c3f6527cee2606b67388a7d965dd76644a25420f5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:278eb4ecec21f235a26693b3f6c1b0cdfab5635f5a5ac51dd0540c6ab69c1316_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:61a6311f2ca53f6e600007bd9ffc90c7183f81db8fee8d839991565d82be5f2e_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:680c44946a899270de101bca06b22ed5b4eba0b85c1e01e21e30fc6a2740ab2d_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:25f94f0e27668fe254b7ff74731d39b7ed9f6c278c52dcf759893d9a1abe4895_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce82cceec1ccb2e951cc54fbc6bd1109a616034f9462b19f13dffa35902e0cef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:fd70baba0ba7a59a994ca33527ecb2575ab199daeb4ecd34581cccf0db246c59_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:04cb0712418289fc446752a0c274d1036886312b7a63b54ebbeeab1421c10924_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1d900ee34e14094e24b855acfbeec3f2f3c82f3fcc07d3b4cebe5e92ea1a8fde_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:b722f8982018f215a0a1566a561d742f1f7d99a2b507b8a7e874f6db1a6fef08_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:5e2d853cc71ec673ce0f6bcc14628c2fd650a9153b8d7e5f8cd1a1b2ef36093e_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a8942268c538c264d5a7950f91106c44b1a431262a7af31ed02bed79f1c22d93_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:ac206b3da24eb8df95e2e3b0bec234e84b8e5ef7000234f069855b73de77d846_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j-core: remote code execution via JDBC Appender" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.