rhsa-2024:10186
Vulnerability from csaf_redhat
Published
2024-11-22 01:06
Modified
2025-10-31 12:42
Summary
Red Hat Security Advisory: ACS 4.5 enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release of RHACS 4.5.5 introduces the following changes:
Bug fix:
* Fixed an issue with redirects in curl commands leading to empty files and errors in scanning. (ROX-26929)
* Scanner V4 now reindexes image upon indexer updates. (ROX-23956)
Security fixes:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains
deeply nested structures can cause a panic due to stack exhaustion
(CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* dompurify: DOMPurify vulnerable to tampering by prototype pollution
(CVE-2024-48910)
* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6
addresses (CVE-2024-24790)
* cross-spawn: Regular expression denial of service (CVE-2024-21538)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in the
References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.5.5 introduces the following changes:\n\nBug fix:\n\n* Fixed an issue with redirects in curl commands leading to empty files and errors in scanning. (ROX-26929)\n\n* Scanner V4 now reindexes image upon indexer updates. (ROX-23956)\n\nSecurity fixes:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains\ndeeply nested structures can cause a panic due to stack exhaustion\n(CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* dompurify: DOMPurify vulnerable to tampering by prototype pollution\n(CVE-2024-48910)\n\n* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6\naddresses (CVE-2024-24790)\n\n* cross-spawn: Regular expression denial of service (CVE-2024-21538)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the\nReferences section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10186",
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2322949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949"
},
{
"category": "external",
"summary": "2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "ROX-23956",
"url": "https://issues.redhat.com/browse/ROX-23956"
},
{
"category": "external",
"summary": "ROX-26943",
"url": "https://issues.redhat.com/browse/ROX-26943"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10186.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.5 enhancement update",
"tracking": {
"current_release_date": "2025-10-31T12:42:41+00:00",
"generator": {
"date": "2025-10-31T12:42:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:10186",
"initial_release_date": "2024-11-22T01:06:56+00:00",
"revision_history": [
{
"date": "2024-11-22T01:06:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-22T01:06:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-31T12:42:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.5 for RHEL 8",
"product": {
"name": "RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64 as a component of RHACS 4.5 for RHEL 8",
"product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-11-08T13:44:29.182678+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324550"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cross-spawn: regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "RHBZ#2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/pull/160",
"url": "https://github.com/moxystudio/node-cross-spawn/pull/160"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230",
"url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230"
}
],
"release_date": "2024-11-08T05:00:04.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cross-spawn: regular expression denial of service"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-115: Misinterpretation of Input vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nControls such as input validation and error handling mitigate input misinterpretation risks by enforcing strict validation rules and secure error management. Error handling ensures inputs are validated against predefined formats, preventing malformed data from being misinterpreted. Techniques like strong typing, allow listing, and proper encoding reduce the likelihood of injection attacks and unintended code execution. Input validation also ensures that errors do not expose sensitive system details or cause unpredictable behavior. Secure error handling prevents information leakage through detailed error messages while preserving system stability under malformed input conditions. Together, these controls reduce the attack surface by maintaining consistent input processing and preventing exploitable system states, strengthening the overall security posture.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-48910",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2024-10-31T15:00:53.609372+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2322949"
}
],
"notes": [
{
"category": "description",
"text": "A prototype pollution vulnerability was found in DOMPurify. This flaw allows a remote attacker to add or modify attributes of an object prototype. This issue can lead to the injection of malicious attributes used in other components or cause a crash by overriding existing attributes with ones of incompatible type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: DOMPurify vulnerable to tampering by prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The prototype pollution vulnerability in DOMPurify is considered a high-severity issue because it allows attackers to modify the prototype of built-in JavaScript objects, potentially impacting the entire application. This could lead to security risks, such as overwriting methods on fundamental objects like `Object`, `Array`, or `Function`, allowing attackers to manipulate application behavior, bypass security controls, or cause application crashes. Given that DOMPurify is a core library for sanitizing user input, an attacker exploiting this vulnerability could gain control over how sanitized content is processed, leading to the execution of malicious scripts or triggering other unintended behaviors across the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-48910"
},
{
"category": "external",
"summary": "RHBZ#2322949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-48910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48910"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc",
"url": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr"
}
],
"release_date": "2024-10-31T14:22:52.867000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-22T01:06:56+00:00",
"details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le",
"8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "dompurify: DOMPurify vulnerable to tampering by prototype pollution"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…