rhsa-2024:2941
Vulnerability from csaf_redhat
Published
2024-05-21 09:58
Modified
2025-11-20 21:55
Summary
Red Hat Security Advisory: RHACS 4.4 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes changes, bug fixes, and updates to patch vulnerabilities.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of RHACS 4.4.2 provides the following bug fixes:
* Before this update, Collector pods on nodes with 128 or more cores would fail with a `CrashLoopBackOff` status due to issues with how the CO-RE BPF allocated kernel memory. The patch release fixes this issue.
* This release updates the Scanner baseline vulnerability data to address changes made to the Red Hat security data feeds that were not compatible with earlier data from Scanner’s scheduled feed processing. This fixes various issues where vulnerabilities were detected for images containing packages that were incorrectly indicated as affected by a vulnerability.
* This release fixes a crash and rendering error in the network graph that occurs when Central is running an RHACS release of 4.3.6 or earlier and Sensor is running an RHACS release of 4.4.0 or later.
* Previously, RHACS did not update the alerts when violations changed. This release fixes the issue, and RHACS correctly updates the alerts when violations change.
This release provides the following changes:
* The default telemetry endpoint is now set to a Red Hat proxy.
* This release includes a new environment variable, ROX_API_TOKEN_FILE, that you can use to pass your API’s token file path to the `roxctl` CLI.
This releases updates the following items to patch vulnerabilities:
* (CVE-2023-45288) Go has been updated to release 1.21.9.
* (CVE-2023-45288) The `golang.org/x/net` module has been updated from release v0.22.0 to v0.23.0.
* (CVE-2024-29180) webpack-dev-middleware module has been updated form version 5.3.3 to 5.3.4.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes changes, bug fixes, and updates to patch vulnerabilities.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.4.2 provides the following bug fixes:\n\n* Before this update, Collector pods on nodes with 128 or more cores would fail with a `CrashLoopBackOff` status due to issues with how the CO-RE BPF allocated kernel memory. The patch release fixes this issue.\n* This release updates the Scanner baseline vulnerability data to address changes made to the Red Hat security data feeds that were not compatible with earlier data from Scanner\u2019s scheduled feed processing. This fixes various issues where vulnerabilities were detected for images containing packages that were incorrectly indicated as affected by a vulnerability.\n* This release fixes a crash and rendering error in the network graph that occurs when Central is running an RHACS release of 4.3.6 or earlier and Sensor is running an RHACS release of 4.4.0 or later.\n* Previously, RHACS did not update the alerts when violations changed. This release fixes the issue, and RHACS correctly updates the alerts when violations change.\n\nThis release provides the following changes:\n\n* The default telemetry endpoint is now set to a Red Hat proxy.\n* This release includes a new environment variable, ROX_API_TOKEN_FILE, that you can use to pass your API\u2019s token file path to the `roxctl` CLI.\n\nThis releases updates the following items to patch vulnerabilities:\n\n* (CVE-2023-45288) Go has been updated to release 1.21.9.\n* (CVE-2023-45288) The `golang.org/x/net` module has been updated from release v0.22.0 to v0.23.0.\n* (CVE-2024-29180) webpack-dev-middleware module has been updated form version 5.3.3 to 5.3.4.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2941",
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "ROX-21948",
"url": "https://issues.redhat.com/browse/ROX-21948"
},
{
"category": "external",
"summary": "ROX-23397",
"url": "https://issues.redhat.com/browse/ROX-23397"
},
{
"category": "external",
"summary": "ROX-23469",
"url": "https://issues.redhat.com/browse/ROX-23469"
},
{
"category": "external",
"summary": "ROX-23540",
"url": "https://issues.redhat.com/browse/ROX-23540"
},
{
"category": "external",
"summary": "ROX-23566",
"url": "https://issues.redhat.com/browse/ROX-23566"
},
{
"category": "external",
"summary": "ROX-23852",
"url": "https://issues.redhat.com/browse/ROX-23852"
},
{
"category": "external",
"summary": "ROX-24189",
"url": "https://issues.redhat.com/browse/ROX-24189"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2941.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.4 enhancement and security update",
"tracking": {
"current_release_date": "2025-11-20T21:55:51+00:00",
"generator": {
"date": "2025-11-20T21:55:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:2941",
"initial_release_date": "2024-05-21T09:58:45+00:00",
"revision_history": [
{
"date": "2024-05-21T09:58:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-21T09:58:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-20T21:55:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.2-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.2-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections such as IPS/IDS and antimalware solutions help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation leading to a CWE-400: Uncontrolled Resource Consumption vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces least functionality, enabling only essential features, services, and ports to minimize the attack surface for improper input handling. Secure development practices, such as static code analysis, peer reviews, and strict input validation, detect and remediate unsafe patterns early in the lifecycle, reducing the risk of malformed input causing instability or resource exhaustion. Process isolation confines untrusted workloads to restricted domains, preventing a single process from monopolizing shared resources. Malicious code protections, including IDS/IPS and antimalware tools, detect and mitigate input-driven resource consumption and denial-of-service attempts in real time. Centralized logging and continuous monitoring provide visibility into abnormal resource behavior, enabling rapid detection and response. Additionally, web application firewalls and load-balancing controls further limit the impact of uncontrolled input or resource use, maintaining platform stability and performance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-115: Misinterpretation of Input vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nControls like information input validation and error handling help mitigate the risks associated with this weakness by enforcing strict input validation and secure error management. Error handling ensures that all input data is validated against predefined formats, preventing malformed or unexpected inputs from being misinterpreted by the system. By enforcing strong typing, allow listing, and proper encoding, this control reduces the likelihood of injection attacks and unintended code execution.\n\nInput validation complements this by ensuring that errors do not expose sensitive system details or cause unpredictable behavior. Secure error handling prevents attackers from gaining insight into system functionality through detailed error messages while ensuring the system remains stable even when faced with malformed inputs. Together, these controls reduce the attack surface by maintaining predictable input processing and preventing exploitable system states, ultimately strengthening an organization\u0027s security posture against input misinterpretation vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-21T09:58:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to patch release 4.4.2.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2941"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:0e0fc51bc1bb082a01224bf0778ef0c8eef7e3ed27334c37a28a59b914cef697_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e44f0ce6686996e385bc2ef062e57016f1b124dc7a8e63e2100ac28bdbf7d9c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:bbcf4bfd15c860a8e9345189063c129ba4d70d0e340e4a4f82a4ff5f993df368_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2008a094efbc5b5ad83cfc91bc22e58ede1a0cc575b542bb33fc76458b48c95b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:2e0ff5e4ff6c47a9ff6b6e7f26c033341d2362a7b5798b3bae8f96521cdad286_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:cc19c76bb9123c31e3f719a843c6a9074ba0603e67fe83349e35283bcd597c6f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:02f81a9d3ee238a4741ea7d0000c5c87620491ed6f9e218fc101d08cc74d26c2_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7d704bfa49659fcef56de71e15aff4542e5ac5e4644f905a25f9e25a6d535382_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:eefa59e9d0e012a94623efb71c34a267bf2bc9b10070eb394e51797affe5daad_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:596ffae8ac3bba59dc3dc7bd488d0732ac513c5c3e35761927d21d4fc0fa1392_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:6a56bd52c5fe2b2203aeb4fd37e6892a5f23b7d0abae10fc5e0d154344c8f1bf_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:72ce43136e850f86fe675822e43dfd7d7e660ceaf2517d3f0a83f34d0d026007_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:4cadca01bf16098d0e243ef1aa02d2b7fa6d6d04ae3562b48174298e00a00705_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:5d6bf72214aaed0ee0bd16ba8ed707a63c7312936ea361850a716e3fda7e2c8e_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b800c559f4e93d6a8d7422128e26688b8872c589c92944cb46815ec2b7c68371_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:0038e1daba8fd9874063d7d25f86b086ba5f23d51aa76530802d324d78f74006_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:9dff6deaeae98ac7812d845cf1446cd3904a8066a777dc013ea9ee22f50ba16a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:a53eaf71ed81cf3f109b44463a0b70c389d4330aeebed676970f8aa32780a008_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5037ebcf2fbc8bd8bdac7ffb8b9aafb5c7d6c990c0f7cc149d89028d6ebd2a47_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:56edbd1f69da14ae4279f34a8149c7b6200625e853e995a78b5b64c0681f2383_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f0156b634592bb9556ce7112cba3f173469f61607da40780d07dee4032ec9a93_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:0a344d812fb72ad90e1e423d527347e2dc680fb10ea0d90aadacdb4c2a50e7f8_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:681ddb4c8dd62755a0e15ed1c4029065ddec65a06d12449f187180489daf9b5f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:79c8938936e9022aba223bcec2b80ea5af9e6d4dd2e6671e274f16b32be0109d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:09f1b7a8be64cb152fbd31501274fc1f97b08e076af34111ebb50afa5384d746_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a3476b790be420bc6b60c9cf53af38496dd4a4c83e0462f52e4b57dc23786e28_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cae64828e29d8ef2628f346ec786450a3dffd4f2c73f57d719a98d9e119ad745_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:124865ec25d18e31bc385d1003275581e6679b7ca8775651be8f595ab558243d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8c0a614d1c7f43bd597b73e7f9a226502b79680b13aab0b33406327514f9aefb_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f4e7d9a40b47f219dc1dbb6584b9d936aa83ea3c642b7c32a41f7393180e5cb2_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13229a675b026bccc86b1b6681431b932f6c938a9931923b1b1f98b052f64951_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2268441224f9dd53b42990455199528c8049615126f6521b9b1a14be5409c84c_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:79a9120a84a63ad8d54eb913fc3c6b562921165432b5b40eaa3c0392dc6fa31b_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b2f39b0f1fd77d312384394220b974fefeb2c07ed8a56fe68bf061d6beb3bdb_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1e28b9001bf9e962499e7780ea2ad55fa3e9f06895392a8429741148682e7479_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9c39c394312c3db47234a63f6f387b2aeda0f80c184aacee13f56e596666f224_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:47742f7ccdf7f08ce0eb58f5608dfa5fdd0f51df8d7aaef58a5369a9179644ff_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:cb0b488798275236203dfdcc51b944a756f7cf46d753557507992c08e4b59dbf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d0d367a05ad533fe1b0216690caf4a8d270b452fc4f6cab276e45beef2c05b61_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…