rhsa-2025:1051
Vulnerability from csaf_redhat
Published
2025-02-05 08:58
Modified
2025-11-27 15:00
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.8
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.8
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* kiali-ossmc-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)
* openshift-istio-kiali-rhel8-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)
* kiali-ossmc-container: nanoid mishandles non-integer values (CVE-2024-55565)
* openshift-istio-kiali-rhel8-container: nanoid mishandles non-integer values (CVE-2024-55565)
* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
* openshift-istio-proxyv2-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.8\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* kiali-ossmc-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)\n* openshift-istio-kiali-rhel8-container: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x (CVE-2024-52798)\n* kiali-ossmc-container: nanoid mishandles non-integer values (CVE-2024-55565)\n* openshift-istio-kiali-rhel8-container: nanoid mishandles non-integer values (CVE-2024-55565)\n* openshift-istio-kiali-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n* openshift-istio-proxyv2-rhel8-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1051",
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1051.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.8",
"tracking": {
"current_release_date": "2025-11-27T15:00:47+00:00",
"generator": {
"date": "2025-11-27T15:00:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2025:1051",
"initial_release_date": "2025-02-05T08:58:11+00:00",
"revision_history": [
{
"date": "2025-02-05T08:58:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-05T08:58:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-27T15:00:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.17-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.18-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.8-8"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.8-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-05T08:58:11+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:392a0b0f15101fde9463e07e4676426d07a52637960090a75f4d521f81109f97_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b482521bfdbc1e9dc205ab789cd24f7e4b64a4ba2f51cd5eedc2cee890fca395_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:cdd38d31093ecbdb39df9e4cb3dca75a9823de16ae0b3e52d0a341893f429cd4_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fb2797a5c3803f88f0a9c5890eaca9f9da1cfdcf19ef32f7914abeb9479170cf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7466d9f61039a268ccc8cd98e0c81edd12f91f467ee045633a96916b9043bd0b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ddce1cbbc6a4bf75835fe7b54ddb9f61bdd4d934e59fb89b3d2c32f331e6b4ab_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:e21d32a441726cc62a6a3ef3847f3ed8cddf07c61ac9c3b219922748a0b142be_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ff6812ce8f74dcd50ddefcf7c5b7fb767d49fb1358f4d26f7bfcfe84e43182c4_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:945cddb3b3ff19417ebcd098e60f77774290668fdd7654cce96ec158198b5a30_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:96498f9c161062eb23dd5276104ffc04fc48e39c2641b3b1fec65e3829874e56_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:a1177d3329367ceee87bf080e780f9d4644dc1b17b88e7ea9972ad38ce444db4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:fae6c33602d356534bd3ce0f439a273ee6dab8806d04167f1f6ffdb46c9cd3ba_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:063cc757f97fcf7c53d29b1c14dc647a8924ac62c390f8a7dde52b34f3539182_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:18ec8baef7eda33cd1220f21b3370fb7048cd9643847b80f3329568a9ba2da98_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d72c64dcabf9796a57bd9fcaecf4dbfdbe61e6e0ac6bc1c31f541f6b324224ef_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:eed6ea951d6d885f72aa4363d045f7025ee05fd8186d702cee4ceb42b8a32f82_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:14d6fd1a92119c65922c3785987545ca3f14e935c1b90a63ec1a584fb6ad3552_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:17c0bbe9d31cfb10e14d6aca9a6a0ad49e9be59038f3c4e04b985b6c8ea5cfd7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:40d05d8bd9d7e6e9482e9762b3f715b36d04c0114fd927c8e9e155ec30c93559_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eb14febb28a84a028b35f871c14ce741558f9cde3b3d789a4fa148cf4017c980_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:61742a85adce623c50e998c51e93d32cd0f86ece1328978e9d5702751dc0346f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:73156a9f853e36efe1e84efa9c2094d96870d8a49fbf35709bd9b30b90e93cee_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:8df315db1b814702e59de268436f128241ce7033cdff6f1752d3c887b8da6095_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:a6ad7a54d1d175434d8cba233e9bde3fd7ae7f039a4c2e3bd2aa42fe4f161181_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:413b274166a58abcf3b89dff39f45a2de213970dcf96c7a7ad25b7797d579fa7_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:603aeb7989086db84d0520f78aa804ad3f19bc6936e5d8e2912083b27e74c99e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:8676b8cf4cb2166e7602fcf5342dfbfeee7f0dbc7e7aea296da1fba729d524bf_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:f8693632849a66d2c974c937edb7b45f0c9fd0d79c84ca01805ab0e8b658280e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…