rhsa-2024:4163
Vulnerability from csaf_redhat
Published
2024-06-27 12:38
Modified
2025-10-31 18:56
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.4 security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps v1.12.4. Red Hat
Product Security has rated this update as having a security impact of Moderate.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Errata Advisory for Red Hat OpenShift GitOps v1.12.4.
Security Fix(es):
* openshift-gitops-argocd-container: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON [gitops-1.12](CVE-2024-24786)
* openshift-gitops-argocd-container: helm: Dependency management path traversal [gitops-1.12] (CVE-2024-25620)
* openshift-gitops-argocd-container: helm: Missing YAML Content Leads To Panic [gitops-1.12] (CVE-2024-26147)
* OpenShift GitOps 1.12.1 is using 2 year old openshift4/ose-haproxy-router
image
* Multiple CVEs in openshift-gitops-redis container
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Bug Fix(es):
* TLS termination policy for ArgoCD server route changed to reencrypt in version 1.12.3 blocking ArgoCD login
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.12.4. Red Hat\nProduct Security has rated this update as having a security impact of Moderate.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.12.4.\n\nSecurity Fix(es):\n\n* openshift-gitops-argocd-container: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON [gitops-1.12](CVE-2024-24786)\n\n* openshift-gitops-argocd-container: helm: Dependency management path traversal [gitops-1.12] (CVE-2024-25620)\n\n* openshift-gitops-argocd-container: helm: Missing YAML Content Leads To Panic [gitops-1.12] (CVE-2024-26147)\n\n* OpenShift GitOps 1.12.1 is using 2 year old openshift4/ose-haproxy-router\nimage\n\n* Multiple CVEs in openshift-gitops-redis container\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nBug Fix(es):\n\n* TLS termination policy for ArgoCD server route changed to reencrypt in version 1.12.3 blocking ArgoCD login",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4163",
"url": "https://access.redhat.com/errata/RHSA-2024:4163"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2264336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
},
{
"category": "external",
"summary": "2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "GITOPS-4758",
"url": "https://issues.redhat.com/browse/GITOPS-4758"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4163.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.4 security update",
"tracking": {
"current_release_date": "2025-10-31T18:56:45+00:00",
"generator": {
"date": "2025-10-31T18:56:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.10"
}
},
"id": "RHSA-2024:4163",
"initial_release_date": "2024-06-27T12:38:04+00:00",
"revision_history": [
{
"date": "2024-06-27T12:38:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-06-27T12:38:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-31T18:56:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.12",
"product": {
"name": "Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.12",
"product": {
"name": "Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.12.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.4-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.4-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.4-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.12.4-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.4-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.4-5"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"relates_to_product_reference": "9Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64",
"relates_to_product_reference": "9Base-GitOps-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to ensure the most restrictive setting needed for operational requirements. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, enabling capabilities like excessive CPU usage, long execution times, or processes consuming abnormal amounts of memory. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing infinite loops caused by malformed or unexpected input, such as unbounded user input or unexpected null values that cause loops to never terminate. In the event of successful exploitation, process isolation limits the effect of an infinite loop to a single process rather than allowing it to consume all system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-27T12:38:04+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4163"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-25620",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264336"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Helm when it saved a chart including download time. When either the Helm client or SDK is used to save a chart whose name is within the Chart.yaml file and includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Dependency management path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25620"
},
{
"category": "external",
"summary": "RHBZ#2264336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
"url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
"url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
}
],
"release_date": "2024-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-27T12:38:04+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4163"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Dependency management path traversal"
},
{
"cve": "CVE-2024-26147",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265440"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Missing YAML Content Leads To Panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as Moderate since this would impact the Helm client and requires a malicious plugin to be in place, which can be removed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "RHBZ#2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6",
"url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6"
}
],
"release_date": "2024-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-06-27T12:38:04+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4163"
},
{
"category": "workaround",
"details": "If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.\n\nIf using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:03a9a34183ed581ef6c37bfd2628fa5cac699deb1dbccfa69f4ffa7c8bd5cdfa_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:9a9553e940da983030f1d06b1a73afbbe69dd2afbaf35aca85d022786810891e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:aa3b1517f6b15456d6ca8796379aa9318fd349027ec05aa7bdc1123719b60f16_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:e6f8fe1d2e92dd4af70e2065cf12f523c09ed6f507dcbb5b1cde74281a5a7c29_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3f7a36417f2244c65c594c1ba27dfe27c481ddc9cd77b6725bea34ffffa7c094_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:981f233c89dc451d6d4773888f3aeaf467856bfe4b6e599e1dc36ce949ff1e94_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:c60b04f5b7603e1ab96648db23d95ac95c2548facae1c1252acf634a42fb411d_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:d88f18509bc4eba0e0b6e8c914f3c653a62d478ccddb836857da3dc250751537_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:13ba08737b47085c9fdb2430f1ec7d21d8954ac54d71f2cb4964886f683247ab_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:28daa3253c3bccc8b661c40abd04c87dfa498e04821d30ea3036312b76fe5a4e_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:9ec2cd87111e0cec02104604c8e95c9cb63aae9a44303fb6ebfd6d55f689591e_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:d77164505154f55d8e67a2d90e7657b0ca6135bcb15458336bc50096f78eec5e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:6e4ff694e827da331903dfaeeb2bbe0fbf259e22c5fdde0c5253163ec45e4a10_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:b300a9c26f0c00a7f90bb74877ab9b27fe8ff018a3cd2ad718be179cd96e651a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:ebb14930583daf011b306fabc9c67687c6ef263f17dd1a9095fabe52847a6425_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:f8bc86210129a6175f03d583a8afa9fb119fce94151dfadbaa1e36c0b02c3272_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:9bb74df8ca3491846b6df8313c96f99d58334c1bee8004f816777c39838ae54a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:10b81029e3248a29f6d5197abb06d11224ce2473f5e37b1cbb3d7c0ecaa740da_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:2ebc3132162b1bb7cd2deedcda77552b2611e3cfb13d236d015bdd1aa5caadac_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:ad44cf803432d8edef7b01f6690bdcba40a2e7de11fa449aa5088e7e64eb32df_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:c321a8b1eeca0560e647df668c780e443d81555ab433613000993689a7fe7e02_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:146022a7303958f0117d5a727c8a57560a90bf6884b8ccaff4b86700cb9cec68_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:93f89ba5dc766ad377bbe00c44850b814deaa4e66c64c665fbee12433f41819c_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ae59a9812bf7e68d80702d76065b1a88a49477adcbc415cd51836bdefbd623ad_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:ef8468c42e18c898f413670aa5ec63253d68ad0acbaf4ff4a05007c452e63dff_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:107fa77ba6a551e324fcf7339b3cedfe2a47a669a59adf4a6559d187ea723850_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:2d7e96f437a5c7ecdcdd1f6bdd1a9a9d512224aa1013d6f66e49146d0e5b39a0_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:e18ffcb6830998c4d0951990367169a5cf0dab2ac71058583621751d67e37ea2_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:f6107229b5d9a50ff74304fe3f672d9b23e051fcd055b422c99f7a86aded3930_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:65c3c01e488bdde99ac3a7bd8010b98dc5e6e1982a10a7db124b1664afe03548_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d35eee966920abe462d75dff86cac80bff006953bdbc06cf55921df6584536c9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:d8df9c69adbce76ce6ef683685cf1d3bfb44d02c5cf84ba43d02cedc89b9de51_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:e6a74044aa3f8d25ca5523faa6f803b5c38fda75b61f28116fac739484dee8f1_ppc64le",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c89c5f5c91dfdc7fe821878c113bd49e3150eab70e6b6792b79e03b6159a1ba3_amd64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:e98f1849f7a3bb3642ef4974b3005780abe91a6542e96eb81745aa25fdebe8df_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Missing YAML Content Leads To Panic"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…