RHSA-2025:1051
Vulnerability from csaf_redhat - Published: 2025-02-05 08:58 - Updated: 2026-04-04 16:34Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.8
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.5.8
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* kiali-ossmc-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)
* openshift-istio-kiali-rhel8-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)
* kiali-ossmc-container: nanoid mishandles non-integer values (CVE-2024-55565)
* openshift-istio-kiali-rhel8-container: nanoid mishandles non-integer values (CVE-2024-55565)
* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
* openshift-istio-proxyv2-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:1051
A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:1051
Workaround
Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.
A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:1051
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.8\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* kiali-ossmc-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)\n* openshift-istio-kiali-rhel8-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)\n* kiali-ossmc-container: nanoid mishandles non-integer values (CVE-2024-55565)\n* openshift-istio-kiali-rhel8-container: nanoid mishandles non-integer values (CVE-2024-55565)\n* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n* openshift-istio-proxyv2-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1051",
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1051.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.8",
"tracking": {
"current_release_date": "2026-04-04T16:34:23+00:00",
"generator": {
"date": "2026-04-04T16:34:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2025:1051",
"initial_release_date": "2025-02-05T08:58:11+00:00",
"revision_history": [
{
"date": "2025-02-05T08:58:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-05T08:58:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-04T16:34:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…