rhsa-2024_11109
Vulnerability from csaf_redhat
Published
2024-12-16 15:47
Modified
2024-12-18 10:46
Summary
Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.5
Notes
Topic
Updated service-interconnect container images are now available for Service Interconnect 1.5 for RHEL 9.
Details
Users of service-interconnect 1.5 rhel9 container images are advised
to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs.
Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory the in Red Hat Container Catalog
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated service-interconnect container images are now available for Service Interconnect 1.5 for RHEL 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Users of service-interconnect 1.5 rhel9 container images are advised\nto upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. \nUsers of these images are also encouraged to rebuild all container images that depend on these images.\nYou can find images updated by this advisory the in Red Hat Container Catalog",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:11109",
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "2263240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263240"
},
{
"category": "external",
"summary": "2321987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321987"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_11109.json"
}
],
"title": "Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.5",
"tracking": {
"current_release_date": "2024-12-18T10:46:12+00:00",
"generator": {
"date": "2024-12-18T10:46:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:11109",
"initial_release_date": "2024-12-16T15:47:02+00:00",
"revision_history": [
{
"date": "2024-12-16T15:47:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-16T15:47:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T10:46:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Service Interconnect 1",
"product": {
"name": "Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_interconnect:1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Service Interconnect"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.3-6"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.5-4"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.5-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64"
},
"product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2398",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2024-03-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270498"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in curl. When an application configures libcurl to use HTTP/2 server push and the amount of received headers for the push surpasses the maximum allowed limit, libcurl aborts the server push. When aborting, libcurl does not free all the previously allocated headers, resulting in a memory leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: HTTP/2 push headers memory-leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-2398"
},
{
"category": "external",
"summary": "RHBZ#2270498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270498"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2398"
},
{
"category": "external",
"summary": "https://curl.se/docs/CVE-2024-2398.html",
"url": "https://curl.se/docs/CVE-2024-2398.html"
}
],
"release_date": "2024-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "curl: HTTP/2 push headers memory-leak"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2024-08-20T17:50:04+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2306158"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Possible denial of service in X.509 name checks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as moderate severity rather than important because it primarily affects specific use cases involving certificate name checks against otherName subject alternative names, a scenario that is not commonly encountered. The issue only triggers a denial of service (DoS) by causing an abnormal application termination, without compromising the integrity, confidentiality, or availability of data at a broader scale. Additionally, TLS servers, which typically don\u0027t perform reference identity checks during client certificate validation, are largely unaffected. The impact is localized to certain TLS clients performing specific name comparisons, reducing the overall risk profile and justifying the moderate severity classification.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6119"
},
{
"category": "external",
"summary": "RHBZ#2306158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6119"
},
{
"category": "external",
"summary": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj",
"url": "https://github.com/openssl/openssl/security/advisories/GHSA-5qrj-vq78-58fj"
}
],
"release_date": "2024-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Possible denial of service in X.509 name checks"
},
{
"cve": "CVE-2024-6345",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2024-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297771"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack does not include setuptools. The ImcSdk component uses it only during compile time in our build systems, and we do not support recompiling SRPMs. As a result, Red Hat OpenStack is not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6345"
},
{
"category": "external",
"summary": "RHBZ#2297771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0",
"url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5",
"url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
}
],
"release_date": "2024-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools"
},
{
"cve": "CVE-2024-6923",
"discovery_date": "2024-08-01T14:30:06+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302255"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the email module that uses Python language. The email module doesn\u0027t properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6923"
},
{
"category": "external",
"summary": "RHBZ#2302255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6923"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/121650",
"url": "https://github.com/python/cpython/issues/121650"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/122233",
"url": "https://github.com/python/cpython/pull/122233"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/"
}
],
"release_date": "2024-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: email module doesn\u0027t properly quotes newlines in email headers, allowing header injection"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-940",
"name": "Improper Verification of Source of a Communication Channel"
},
"discovery_date": "2024-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GNOME GLib. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This issue could lead to the GDBus-based client behaving incorrectly with an application-dependent impact.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib2: Signal subscription vulnerabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34397"
},
{
"category": "external",
"summary": "RHBZ#2279632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34397"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3268"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2024/05/07/5",
"url": "https://www.openwall.com/lists/oss-security/2024/05/07/5"
}
],
"release_date": "2024-05-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib2: Signal subscription vulnerabilities"
},
{
"cve": "CVE-2024-37370",
"discovery_date": "2024-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294677"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "krb5: GSS message token handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has an ability to disrupt authentication process and attackers able to alter the token data durning the transmission which leads to disruption in service and an attacker can void the integrity by altering the token durning the transmission for authentication process. This has been rated as moderate by Redhat as the vulnerability cannot be exploited in a way that it leads to a loss of availability or integrity,when in transmission token count field can be changed making the token appear truncated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-37370"
},
{
"category": "external",
"summary": "RHBZ#2294677",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294677"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37370"
},
{
"category": "external",
"summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
"url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "krb5: GSS message token handling"
},
{
"cve": "CVE-2024-37371",
"discovery_date": "2024-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294676"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper handling of authentication tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "krb5: GSS message token handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as a moderate severity vulnerability because, while it allows an attacker to modify the plaintext \"Extra Count\" field of a GSS krb5 wrap token, the impact is primarily limited to token truncation at the application layer. This truncation can disrupt services but does not directly lead to a full compromise of confidentiality or integrity. The attack requires that the attacker already has access to a valid token transmission to modify, meaning it cannot be exploited remotely without first obtaining or intercepting a valid token.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-37371"
},
{
"category": "external",
"summary": "RHBZ#2294676",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294676"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37371"
},
{
"category": "external",
"summary": "https://web.mit.edu/kerberos/www/krb5-1.21/",
"url": "https://web.mit.edu/kerberos/www/krb5-1.21/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "krb5: GSS message token handling"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2024-08-30T03:20:06.675968+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libexpat\u0027s xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XML_ParseBuffer function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: Negative Length Parsing Vulnerability in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The CVE-2024-45490 vulnerability is rated as moderate severity because while it allows for memory corruption through improper argument handling in XML_ParseBuffer, the exploitability is limited. Specifically, it requires an unlikely scenario where the input passed to the function has a negative length (len \u003c 0), which would typically not occur in well-formed applications. Moreover, while the impact includes denial of service (DoS), the conditions necessary for arbitrary code execution are non-trivial, requiring specific exploitation of memory corruption. Since it primarily leads to application crashes without an easily accessible attack vector for remote code execution, the risk is lower compared to higher-severity vulnerabilities that offer more direct pathways to exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45490"
},
{
"category": "external",
"summary": "RHBZ#2308615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45490"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
"url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/887",
"url": "https://github.com/libexpat/libexpat/issues/887"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/890",
"url": "https://github.com/libexpat/libexpat/pull/890"
}
],
"release_date": "2024-08-30T03:15:03.757000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: Negative Length Parsing Vulnerability in libexpat"
},
{
"cve": "CVE-2024-45491",
"discovery_date": "2024-08-30T03:20:09.474759+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308616"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in libexpat\u2019s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: Integer Overflow or Wraparound",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as Moderate severity rather than Important due to its reliance on specific conditions for exploitation. The integer overflow in dtdCopy affecting nDefaultAtts is limited to 32-bit platforms, reducing the attack surface as many modern systems operate on 64-bit architectures. Additionally, while the impact can lead to denial of service and potentially arbitrary code execution, the latter requires precise manipulation of the overflow condition, which may be non-trivial for attackers to achieve reliably. The constrained platform scope and the complexity of exploitation lower the overall severity, though it still poses a risk in environments where 32-bit systems are prevalent.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45491"
},
{
"category": "external",
"summary": "RHBZ#2308616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45491"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
"url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/888",
"url": "https://github.com/libexpat/libexpat/issues/888"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/891",
"url": "https://github.com/libexpat/libexpat/pull/891"
}
],
"release_date": "2024-08-30T03:15:03.850000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: Integer Overflow or Wraparound"
},
{
"cve": "CVE-2024-45492",
"discovery_date": "2024-08-30T03:20:11.638476+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libexpat\u0027s internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: integer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CVE-2024-45492 is categorized as a Moderate severity issue rather than Important due to the specific conditions required for exploitation and the limited scope of impact. While an integer overflow in the nextScaffoldPart function on 32-bit platforms can potentially lead to denial of service (DoS) or, in rare cases, arbitrary code execution, the vulnerability is platform-specific, affecting only 32-bit architectures with particular handling of UINT_MAX and SIZE_MAX. Additionally, exploiting the overflow for arbitrary code execution would require precise manipulation of memory, making it a less likely attack vector. The primary risk of DoS, without guaranteed escalation to remote code execution, further justifies the moderate severity classification.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45492"
},
{
"category": "external",
"summary": "RHBZ#2308617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45492"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes",
"url": "https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/889",
"url": "https://github.com/libexpat/libexpat/issues/889"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/892",
"url": "https://github.com/libexpat/libexpat/pull/892"
}
],
"release_date": "2024-08-30T03:15:03.930000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T15:47:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:01b7f735b8efd48b3406d116a7885f4545efa21786fd96ea3479573b72181e6c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:2dedeeda52b1701d005dee4c2277c949d978214d32fffbdfc63e7c5ead8f1782_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7460ced07d36f6ce528561e92db8f212b2db38ecefa6f28b1c6d336f676f5010_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7dd1ff26d428fc7b075b0ccd4e19ecce723029e2e3b957c59716ceb48a532f09_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:03c5da9f3d13f3d5c54072cec23d09e49c18925d389817f3c75ab73e94be9e45_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2da92855aa7fc0a5b17909ca2e43950a9785ca3b58b001880caaddfe69bd7c1b_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:bdf007b74711d3bbd1986a29c9702e5b237edc34b2db86c70df7c8fd47e54454_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:ef40b43b27d8bd205d01ee1a6e11fbceaa345ab72ee6d39e2d436fa1b99a9aaa_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:3bc6fa2665020345f5e9a94bdb4fc11560336213889463812490ea2bd8a78bff_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:554f51fbd35480c5779d801f129e06045399f4bedeee7b3ec2a4bc839a0a4154_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:771f88b6a5b042c07e652196b406da2f88806334f882d418514f20de9cf1e9ee_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:826ce2adc3ce66628150e118662fd7871f2b9fb7de1507041f5f5f20e6558bfa_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:a4873e1ba82b7a55bccf7e1664cc3ecb51bb5e12d09dba4e1da3f3282cf3f1f9_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:f934d109a75fbac4316db68a7409a95bf848d6c99eacd925ff352204e891f1a0_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:47b2380c1a4f1b66fb8ea1d56cb55d5d48d157c3cd766910fa7a5967582901d6_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:5b9714c08022c3b1a94c779aa2daa98bb2965f6808f3049fe57f6045cd8fd534_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:72fcdf31e9b144f6bfc9a13dff8f720e963b7e49d6ef773522bdb5946cf0e1b9_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:b193eace13666b71a525f07627b8e727fa6594db0f9086940607be456f0dbe5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1c6e952f2c85c384a21c455e7a5d3788d96c23f5b76737fc19ec91782a4a7492_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:1e7ec0d2278b508f4e6125cda83b09af84787ae37de6ca32e1866029c2f85d8c_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:859683e6f8eca6302e197113eb7152e7779a3de72c59988b305bb0a8bc13cbe5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:97e80a5d2ae898d4262a52e8e4f31a86c011b694160c47ce4074015ebab8a7f4_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:35be4ab2c944e950b7c635a0342aefbd5b13a3cf4d9f41828adf4e685e80bccf_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:8674ea245869c168353047d9bbf963cba13508d982b6ae288f15ab5540805f82_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:9268f1f878db35a8e9b5171e1e9bb517c329b8bd98ad74a1d0550baf67d6c501_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:ae2fd33a7da6eadafe9c1321397000a283ea67690bcc9f41458b8401e06d309c_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: integer overflow"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.