Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-3121 (GCVE-0-2021-3121)
Vulnerability from cvelistv5 – Published: 2021-01-11 05:57 – Updated: 2024-08-03 16:45- n/a
| URL | Tags |
|---|---|
| https://github.com/gogo/protobuf/commit/b03c65ea8… | x_refsource_MISC |
| https://github.com/gogo/protobuf/compare/v1.3.1..… | x_refsource_MISC |
| https://lists.apache.org/thread.html/r88d69555cb7… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/rc1e9ff22c56… | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2021021… | x_refsource_CONFIRM |
| https://discuss.hashicorp.com/t/hcsec-2021-23-con… | x_refsource_MISC |
| https://lists.apache.org/thread.html/r68032132c03… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2"
},
{
"name": "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0006/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025"
},
{
"name": "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-18T05:06:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2"
},
{
"name": "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210219-0006/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025"
},
{
"name": "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc",
"refsource": "MISC",
"url": "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
},
{
"name": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
"refsource": "MISC",
"url": "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2"
},
{
"name": "[pulsar-commits] 20210121 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210122 [GitHub] [pulsar-client-go] hrsakai opened a new pull request #446: Upgrade gogo/protobuf to 1.3.2",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210219-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210219-0006/"
},
{
"name": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025",
"refsource": "MISC",
"url": "https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025"
},
{
"name": "[skywalking-notifications] 20211018 [GitHub] [skywalking-swck] hanahmily opened a new pull request #37: Fix vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff@%3Cnotifications.skywalking.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3121",
"datePublished": "2021-01-11T05:57:18.000Z",
"dateReserved": "2021-01-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T16:45:51.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-3121",
"date": "2026-07-14",
"epss": "0.03478",
"percentile": "0.87735"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-3121\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-01-11T06:15:13.460\",\"lastModified\":\"2024-11-21T06:20:55.957\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \\\"skippy peanut butter\\\" issue.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en GoGo Protobuf versiones anteriores a 1.3.2.\u0026#xa0;El archivo plugin/unmarshal/unmarshal.go carece de determinada comprobaci\u00f3n de \u00edndice, tambi\u00e9n se conoce como el problema \\\"skippy peanut butter\\\"\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-129\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:protobuf:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.2\",\"matchCriteriaId\":\"7F29C1D9-5DC9-4075-BE27-D72F9F69F95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"1.8.15\",\"matchCriteriaId\":\"3CFEFC70-871E-4DC3-B23E-E7AFBE7106C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"1.8.15\",\"matchCriteriaId\":\"D8536B85-06DD-4498-BFB5-C729CF5346C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndExcluding\":\"1.9.9\",\"matchCriteriaId\":\"EA1C73D1-3A32-488A-B5EC-7BDFA7DBD417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"1.9.0\",\"versionEndExcluding\":\"1.9.9\",\"matchCriteriaId\":\"4EA73576-AADE-4142-8617-937F9E5A32F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"1.10.0\",\"versionEndExcluding\":\"1.10.2\",\"matchCriteriaId\":\"19BE17DA-3808-42DD-817A-B43CE7619281\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hashicorp:consul:*:*:*:*:enterprise:*:*:*\",\"versionStartIncluding\":\"1.10.0\",\"versionEndExcluding\":\"1.10.2\",\"matchCriteriaId\":\"AE470E84-7E0A-4EFC-91CF-A297C1C3D4FC\"}]}]}],\"references\":[{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210219-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68032132c0399c29d6cdc7bd44918535da54060a10a12b1591328bff%40%3Cnotifications.skywalking.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210219-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-06-28T06:44:34+00:00",
"cve": "CVE-2021-3121",
"id": "CVE-2021-3121",
"initial_release_date": "2021-01-11T00:00:00+00:00",
"product_status:fixed": "643",
"product_status:known_affected": "33",
"product_status:known_not_affected": "7148",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-3121.json",
"version": "3"
}
}
}
WID-SEC-W-2022-0510
Vulnerability from csaf_certbund - Published: 2022-06-29 22:00 - Updated: 2026-05-18 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 On Openshift <11.5.7.0-cn5
IBM / DB2
|
On Openshift <11.5.7.0-cn5 | ||
|
IBM DB2 on Cloud Pak for Data <4.5.0
IBM / DB2
|
on Cloud Pak for Data <4.5.0 | ||
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM DB2
IBM / DB2
|
cpe:/a:ibm:db2:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM DB2 ausnutzen, um Dateien zu manipulieren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, willk\u00fcrlichen Code mit erh\u00f6hten Rechten auszuf\u00fchren, Informationen falsch darzustellen und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0510 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0510.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0510 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0510"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6599703"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6830587 vom 2022-10-21",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-operator-and-queue-manager-container-images-are-vulnerable-to-multiple-vulnerabilities-from-containerd-gnupg2-runc-and-ibm-websphere-application-server-liberty/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273312 vom 2026-05-18",
"url": "https://www.ibm.com/support/pages/node/7273312"
}
],
"source_lang": "en-US",
"title": "IBM DB2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-18T22:00:00.000+00:00",
"generator": {
"date": "2026-05-19T08:35:57.611+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2022-0510",
"initial_release_date": "2022-06-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-10-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "On Openshift \u003c11.5.7.0-cn5",
"product": {
"name": "IBM DB2 On Openshift \u003c11.5.7.0-cn5",
"product_id": "T023650"
}
},
{
"category": "product_version",
"name": "On Openshift 11.5.7.0-cn5",
"product": {
"name": "IBM DB2 On Openshift 11.5.7.0-cn5",
"product_id": "T023650-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:on_openshift__11.5.7.0-cn5"
}
}
},
{
"category": "product_version_range",
"name": "on Cloud Pak for Data \u003c4.5.0",
"product": {
"name": "IBM DB2 on Cloud Pak for Data \u003c4.5.0",
"product_id": "T023651"
}
},
{
"category": "product_version",
"name": "on Cloud Pak for Data 4.5.0",
"product": {
"name": "IBM DB2 on Cloud Pak for Data 4.5.0",
"product_id": "T023651-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:on_cloud_pak_for_data__4.5.0"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "T048379",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1002101",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2017-1002101"
},
{
"cve": "CVE-2017-18367",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2017-18367"
},
{
"cve": "CVE-2018-1002105",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-1002105"
},
{
"cve": "CVE-2018-1098",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-1098"
},
{
"cve": "CVE-2018-1099",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-1099"
},
{
"cve": "CVE-2018-16886",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-16886"
},
{
"cve": "CVE-2018-17142",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-17142"
},
{
"cve": "CVE-2018-17143",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-17143"
},
{
"cve": "CVE-2018-17846",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-17846"
},
{
"cve": "CVE-2018-17847",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-17847"
},
{
"cve": "CVE-2018-17848",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-17848"
},
{
"cve": "CVE-2018-20699",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2018-20699"
},
{
"cve": "CVE-2019-11247",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11247"
},
{
"cve": "CVE-2019-11249",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11249"
},
{
"cve": "CVE-2019-11250",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11250"
},
{
"cve": "CVE-2019-11251",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11251"
},
{
"cve": "CVE-2019-11252",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11252"
},
{
"cve": "CVE-2019-11253",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11253"
},
{
"cve": "CVE-2019-11254",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11254"
},
{
"cve": "CVE-2019-11840",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11840"
},
{
"cve": "CVE-2019-11841",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-11841"
},
{
"cve": "CVE-2019-16884",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2019-16884"
},
{
"cve": "CVE-2020-10752",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-10752"
},
{
"cve": "CVE-2020-14040",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-14040"
},
{
"cve": "CVE-2020-15106",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-15106"
},
{
"cve": "CVE-2020-15112",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-15112"
},
{
"cve": "CVE-2020-15113",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-15113"
},
{
"cve": "CVE-2020-26160",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-26160"
},
{
"cve": "CVE-2020-27813",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-27813"
},
{
"cve": "CVE-2020-28851",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-28851"
},
{
"cve": "CVE-2020-28852",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-28852"
},
{
"cve": "CVE-2020-29652",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-29652"
},
{
"cve": "CVE-2020-36067",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-36067"
},
{
"cve": "CVE-2020-7919",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-7919"
},
{
"cve": "CVE-2020-8551",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8551"
},
{
"cve": "CVE-2020-8552",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8552"
},
{
"cve": "CVE-2020-8554",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8554"
},
{
"cve": "CVE-2020-8555",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8555"
},
{
"cve": "CVE-2020-8557",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8557"
},
{
"cve": "CVE-2020-8559",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8559"
},
{
"cve": "CVE-2020-8564",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8564"
},
{
"cve": "CVE-2020-8565",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-8565"
},
{
"cve": "CVE-2020-9283",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-9283"
},
{
"cve": "CVE-2021-20206",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-20206"
},
{
"cve": "CVE-2021-25735",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-25735"
},
{
"cve": "CVE-2021-25736",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-25736"
},
{
"cve": "CVE-2021-25737",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-25737"
},
{
"cve": "CVE-2021-25741",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-25741"
},
{
"cve": "CVE-2021-27918",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-27918"
},
{
"cve": "CVE-2021-30465",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-30465"
},
{
"cve": "CVE-2021-3121",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3121"
},
{
"cve": "CVE-2021-31525",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-31525"
},
{
"cve": "CVE-2021-33194",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-33194"
},
{
"cve": "CVE-2021-3538",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3538"
},
{
"cve": "CVE-2021-41190",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-41190"
},
{
"cve": "CVE-2021-42248",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-42248"
},
{
"cve": "CVE-2021-42836",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-42836"
},
{
"cve": "CVE-2021-43565",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-43784",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-43784"
},
{
"cve": "CVE-2021-44716",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44907",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-44907"
},
{
"cve": "CVE-2022-27191",
"product_status": {
"known_affected": [
"T023650",
"T023651",
"T021398",
"T048379"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-27191"
}
]
}
WID-SEC-W-2022-0970
Vulnerability from csaf_certbund - Published: 2022-04-07 22:00 - Updated: 2024-05-21 22:00In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Container Platform 4
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_4
|
Container Platform 4 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0970 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0970.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0970 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0970"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4668 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-04-07",
"url": "https://access.redhat.com/errata/RHSA-2022:1275"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-04-07",
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1679 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1679"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9362 vom 2022-05-09",
"url": "https://linux.oracle.com/errata/ELSA-2022-9362.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202208-02 vom 2022-08-09",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7129 vom 2022-10-26",
"url": "https://linux.oracle.com/errata/ELSA-2022-7129.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7129 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7129"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7457 vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7457"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7954 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7954"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2303 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2303.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2944 vom 2024-05-21",
"url": "https://access.redhat.com/errata/RHSA-2024:2944"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-21T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:33:04.107+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0970",
"initial_release_date": "2022-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-09T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform 4",
"product": {
"name": "Red Hat OpenShift Container Platform 4",
"product_id": "T022509",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4"
}
}
},
{
"category": "product_version_range",
"name": "Service Mesh \u003c2.1.2",
"product": {
"name": "Red Hat OpenShift Service Mesh \u003c2.1.2",
"product_id": "T022580"
}
},
{
"category": "product_version_range",
"name": "Service Mesh \u003c2.0.9",
"product": {
"name": "Red Hat OpenShift Service Mesh \u003c2.0.9",
"product_id": "T022581"
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28851",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2020-28851"
},
{
"cve": "CVE-2020-28852",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2020-28852"
},
{
"cve": "CVE-2021-29482",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-29482"
},
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-3121",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-3121"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-3749",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-3749"
},
{
"cve": "CVE-2021-43565",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-43824",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-43824"
},
{
"cve": "CVE-2021-43825",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-43825"
},
{
"cve": "CVE-2021-43826",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2021-43826"
},
{
"cve": "CVE-2022-21654",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2022-21654"
},
{
"cve": "CVE-2022-21655",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2022-21655"
},
{
"cve": "CVE-2022-23606",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2022-23606"
},
{
"cve": "CVE-2022-23635",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2022-23635"
},
{
"cve": "CVE-2022-24726",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00.000+00:00",
"title": "CVE-2022-24726"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.