Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-44832 (GCVE-0-2021-44832)
Vulnerability from cvelistv5 – Published: 2021-12-28 19:35 – Updated: 2026-05-29 18:53
VLAI
EPSS
Title
Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
Severity
No CVSS data available.
CWE
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| https://lists.apache.org/thread/s1o5vlo78ypqxnzn6… | x_refsource_MISC |
| https://issues.apache.org/jira/browse/LOG4J2-3293 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/12/28/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2022010… | x_refsource_CONFIRM |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Affected:
log4j-core , < 2.17.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:32:13.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-44832",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-29T18:53:35.535632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T18:53:46.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j2",
"vendor": "Apache Software Foundation",
"versions": [
{
"changes": [
{
"at": "2.13.0",
"status": "affected"
},
{
"at": "2.12.4",
"status": "unaffected"
},
{
"at": "2.4",
"status": "affected"
},
{
"at": "2.3.2",
"status": "unaffected"
},
{
"at": "2.0-beta7",
"status": "affected"
}
],
"lessThan": "2.17.1",
"status": "affected",
"version": "log4j-core",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:41:33.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"source": {
"defect": [
"LOG4J2-3293",
""
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-12-27T00:00:00.000Z",
"value": "reported"
},
{
"lang": "en",
"time": "2021-12-27T00:00:00.000Z",
"value": "patch proposed, 2.17.1-rc1"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00.000Z",
"value": "fixed"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00.000Z",
"value": "public"
}
],
"title": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44832",
"STATE": "PUBLIC",
"TITLE": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Log4j2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.17.1"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.13.0"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.12.4"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.4"
},
{
"version_affected": "\u003c",
"version_name": "log4j-core",
"version_value": "2.3.2"
},
{
"version_affected": "\u003e=",
"version_name": "log4j-core",
"version_value": "2.0-beta7"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143"
},
{
"name": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
},
{
"name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/28/1"
},
{
"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf"
},
{
"name": "FEDORA-2021-c6f471ce0f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/"
},
{
"name": "FEDORA-2021-1bd9151bab",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220104-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220104-0001/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
},
"source": {
"defect": [
"LOG4J2-3293",
""
],
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-12-27T00:00:00.000Z",
"value": "reported"
},
{
"lang": "en",
"time": "2021-12-27T00:00:00.000Z",
"value": "patch proposed, 2.17.1-rc1"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00.000Z",
"value": "fixed"
},
{
"lang": "en",
"time": "2021-12-28T00:00:00.000Z",
"value": "public"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-44832",
"datePublished": "2021-12-28T19:35:11.000Z",
"dateReserved": "2021-12-11T00:00:00.000Z",
"dateUpdated": "2026-05-29T18:53:46.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-44832",
"date": "2026-05-29",
"epss": "0.53648",
"percentile": "0.98034"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-44832\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-12-28T20:15:08.400\",\"lastModified\":\"2026-05-29T20:16:21.410\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\"},{\"lang\":\"es\",\"value\":\"Las versiones de Apache Log4j2 de la 2.0-beta7 a la 2.17.0 (excluyendo las versiones de correcci\u00f3n de seguridad 2.3.2 y 2.12.4) son vulnerables a un ataque de ejecuci\u00f3n remota de c\u00f3digo (RCE) cuando una configuraci\u00f3n utiliza un JDBC Appender con un URI de origen de datos JNDI LDAP cuando un atacante tiene el control del servidor LDAP de destino. Este problema se soluciona limitando los nombres de fuentes de datos JNDI al protocolo java en las versiones 2.17.1, 2.12.4 y 2.3.2 de Log4j2\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.7,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:C/I:C/A:C\",\"baseScore\":8.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.8,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-74\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.1\",\"versionEndExcluding\":\"2.3.2\",\"matchCriteriaId\":\"E5737813-009A-4FDD-AC84-42E871EA1676\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4\",\"versionEndExcluding\":\"2.12.4\",\"matchCriteriaId\":\"0D1858C4-53AC-4528-B86F-0AB83777B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.13.0\",\"versionEndExcluding\":\"2.17.1\",\"matchCriteriaId\":\"D127EBB0-E86F-4349-96E5-19BD198E0CCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"17854E42-7063-4A55-BF2A-4C7074CC2D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9D58C21-34AE-4782-8580-816B2F6A8F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFCBA59-E0DF-46FD-8431-C1043E7AB4EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F32FB2-6970-4975-8BD0-EAE12E9AD03A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B773ED91-1D39-42E6-9C52-D02210DE1A94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF24312D-1A62-482E-8078-7EC24758B710\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0.0\",\"versionEndIncluding\":\"8.5.1.0\",\"matchCriteriaId\":\"83F42D52-1E43-44E0-8B53-A2A918BDDEC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E812639B-EE28-4C68-9F6F-70C8BF981C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.13\",\"matchCriteriaId\":\"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.12\",\"matchCriteriaId\":\"4096281D-2EBA-490D-8180-3C9D05EB890A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0\",\"versionEndIncluding\":\"20.12.7\",\"matchCriteriaId\":\"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F45363-236B-4040-8AE4-C6C0E204EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.18.0\",\"matchCriteriaId\":\"A66F0C7C-4310-489F-8E91-4171D17DB32F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0.0\",\"versionEndIncluding\":\"20.12.12.0\",\"matchCriteriaId\":\"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D89239-9142-46BD-846D-76A5A74A67B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48C9BD8E-7214-4B44-B549-6F11B3EA8A04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_fiscal_management:14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5F6FD19-A314-4A1F-96CB-6DB1CED79430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D62731F-3290-4383-A4F6-5274B4D63B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cloudcenter:4.10.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66AB39B2-0CE1-4C7E-9E7B-B288A080D584\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.0.0.4.6\",\"matchCriteriaId\":\"6894D860-000E-439D-8AB7-07E9B2ACC31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD66C717-85E0-40E7-A51F-549C8196D557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3.0.0\",\"versionEndIncluding\":\"8.5.1.0\",\"matchCriteriaId\":\"F9550113-7423-48D8-A1C7-95D6AEE9B33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E812639B-EE28-4C68-9F6F-70C8BF981C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.0.0.4.4\",\"matchCriteriaId\":\"61A2E42A-4EF2-437D-A0EC-4A6A4F1EBD11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5933FEA2-B79E-4EE7-B821-54D676B45734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B74B912-152D-4F38-9FC1-741D6D0B27FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C9A32B-B776-4704-818D-977B4B20D677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6989178B-A3D5-4441-A56C-6C639D4759DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5049591-AA1B-4D64-A925-40D0724074D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.24\",\"matchCriteriaId\":\"F47057A9-2DDE-4178-B140-F7D70EAED8F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.2.0\",\"versionEndIncluding\":\"12.2.24\",\"matchCriteriaId\":\"9132D7F2-43B3-4595-B8BF-C9DE897087F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.13\",\"matchCriteriaId\":\"A621A5AE-6974-4BA5-B1AC-7130A46F68F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.12\",\"matchCriteriaId\":\"4096281D-2EBA-490D-8180-3C9D05EB890A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0\",\"versionEndIncluding\":\"20.12.7\",\"matchCriteriaId\":\"E6B70E72-B9FC-4E49-8EDD-29C7E14F5792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F45363-236B-4040-8AE4-C6C0E204EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0.0\",\"versionEndIncluding\":\"19.12.18.0\",\"matchCriteriaId\":\"AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.12.0.0\",\"versionEndIncluding\":\"20.12.12.0\",\"matchCriteriaId\":\"651104CE-0569-4E6D-ACAB-AD2AC85084DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D89239-9142-46BD-846D-76A5A74A67B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F978162-CB2C-4166-947A-9048C6E878BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7BD0D41-1BED-4C4F-95C8-8987C98908DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ABA57AC-4BBF-4E4F-9F7E-D42472C36EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"21.12\",\"matchCriteriaId\":\"889916ED-5EB2-49D6-8400-E6DBBD6C287F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/28/1\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-3293\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220104-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.apache.org/jira/browse/LOG4J2-3293\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220104-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\", \"name\": \"20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/12/28/1\", \"name\": \"[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\", \"name\": \"[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\", \"name\": \"FEDORA-2021-c6f471ce0f\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\", \"name\": \"FEDORA-2021-1bd9151bab\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T04:32:13.076Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-44832\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-29T18:53:35.535632Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-29T18:53:17.608Z\"}}], \"cna\": {\"title\": \"Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\", \"source\": {\"defect\": [\"LOG4J2-3293\", \"\"], \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"other\": {\"type\": \"unknown\", \"content\": {\"other\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Log4j2\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"2.13.0\", \"status\": \"affected\"}, {\"at\": \"2.12.4\", \"status\": \"unaffected\"}, {\"at\": \"2.4\", \"status\": \"affected\"}, {\"at\": \"2.3.2\", \"status\": \"unaffected\"}, {\"at\": \"2.0-beta7\", \"status\": \"affected\"}], \"version\": \"log4j-core\", \"lessThan\": \"2.17.1\", \"versionType\": \"custom\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-12-27T00:00:00.000Z\", \"value\": \"reported\"}, {\"lang\": \"en\", \"time\": \"2021-12-27T00:00:00.000Z\", \"value\": \"patch proposed, 2.17.1-rc1\"}, {\"lang\": \"en\", \"time\": \"2021-12-28T00:00:00.000Z\", \"value\": \"fixed\"}, {\"lang\": \"en\", \"time\": \"2021-12-28T00:00:00.000Z\", \"value\": \"public\"}], \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\", \"name\": \"20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/12/28/1\", \"name\": \"[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\", \"name\": \"[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\", \"name\": \"FEDORA-2021-c6f471ce0f\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\", \"name\": \"FEDORA-2021-1bd9151bab\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_refsource_MISC\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-74\", \"description\": \"CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2022-07-25T16:41:33.000Z\"}, \"x_legacyV4Record\": {\"impact\": [{\"other\": \"moderate\"}], \"source\": {\"defect\": [\"LOG4J2-3293\", \"\"], \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"log4j-core\", \"version_value\": \"2.17.1\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"log4j-core\", \"version_value\": \"2.13.0\", \"version_affected\": \"\u003e=\"}, {\"version_name\": \"log4j-core\", \"version_value\": \"2.12.4\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"log4j-core\", \"version_value\": \"2.4\", \"version_affected\": \"\u003e=\"}, {\"version_name\": \"log4j-core\", \"version_value\": \"2.3.2\", \"version_affected\": \"\u003c\"}, {\"version_name\": \"log4j-core\", \"version_value\": \"2.0-beta7\", \"version_affected\": \"\u003e=\"}]}, \"product_name\": \"Apache Log4j2\"}]}, \"vendor_name\": \"Apache Software Foundation\"}]}}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-12-27T00:00:00.000Z\", \"value\": \"reported\"}, {\"lang\": \"en\", \"time\": \"2021-12-27T00:00:00.000Z\", \"value\": \"patch proposed, 2.17.1-rc1\"}, {\"lang\": \"en\", \"time\": \"2021-12-28T00:00:00.000Z\", \"value\": \"fixed\"}, {\"lang\": \"en\", \"time\": \"2021-12-28T00:00:00.000Z\", \"value\": \"public\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd\", \"name\": \"20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021\", \"refsource\": \"CISCO\"}, {\"url\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"name\": \"https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143\", \"refsource\": \"MISC\"}, {\"url\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"name\": \"https://issues.apache.org/jira/browse/LOG4J2-3293\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/12/28/1\", \"name\": \"[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html\", \"name\": \"[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/\", \"name\": \"FEDORA-2021-c6f471ce0f\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/\", \"name\": \"FEDORA-2021-1bd9151bab\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20220104-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20 Improper Input Validation\"}]}, {\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-44832\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration\", \"ASSIGNER\": \"security@apache.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-44832\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-29T18:53:46.103Z\", \"dateReserved\": \"2021-12-11T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2021-12-28T19:35:11.000Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2022:0002-1
Vulnerability from csaf_opensuse - Published: 2022-01-02 17:01 - Updated: 2022-01-02 17:01Summary
Security update for log4j
Severity
Moderate
Notes
Title of the patch: Security update for log4j
Description of the patch: This update for log4j fixes the following issues:
- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames: openSUSE-2022-2
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for log4j",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for log4j fixes the following issues:\n\n- CVE-2021-44832: Fixes a remote code execution via JDBC Appender (bsc#1194127)\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2022-2",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0002-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0002-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBITTL424FAEN3BI2PM3NGBMPREUS3P4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0002-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBITTL424FAEN3BI2PM3NGBMPREUS3P4/"
},
{
"category": "self",
"summary": "SUSE Bug 1194127",
"url": "https://bugzilla.suse.com/1194127"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44832 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44832/"
}
],
"title": "Security update for log4j",
"tracking": {
"current_release_date": "2022-01-02T17:01:06Z",
"generator": {
"date": "2022-01-02T17:01:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0002-1",
"initial_release_date": "2022-01-02T17:01:06Z",
"revision_history": [
{
"date": "2022-01-02T17:01:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-jcl-2.17.0-lp152.3.15.1.noarch"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"product": {
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"product_id": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
},
"product_reference": "log4j-slf4j-2.17.0-lp152.3.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44832"
}
],
"notes": [
{
"category": "general",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44832",
"url": "https://www.suse.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "SUSE Bug 1194127 for CVE-2021-44832",
"url": "https://bugzilla.suse.com/1194127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:log4j-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-javadoc-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-jcl-2.17.0-lp152.3.15.1.noarch",
"openSUSE Leap 15.2:log4j-slf4j-2.17.0-lp152.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-01-02T17:01:06Z",
"details": "moderate"
}
],
"title": "CVE-2021-44832"
}
]
}
OPENSUSE-SU-2024:11702-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
log4j-2.17.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: log4j-2.17.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the log4j-2.17.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11702
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.6 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "log4j-2.17.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the log4j-2.17.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11702",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11702-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44832 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44832/"
}
],
"title": "log4j-2.17.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11702-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-2.17.1-1.1.aarch64",
"product_id": "log4j-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.aarch64",
"product_id": "log4j-javadoc-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-jcl-2.17.1-1.1.aarch64",
"product_id": "log4j-jcl-2.17.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.aarch64",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.aarch64",
"product_id": "log4j-slf4j-2.17.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-2.17.1-1.1.ppc64le",
"product_id": "log4j-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.ppc64le",
"product_id": "log4j-javadoc-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-jcl-2.17.1-1.1.ppc64le",
"product_id": "log4j-jcl-2.17.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.ppc64le",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.ppc64le",
"product_id": "log4j-slf4j-2.17.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.s390x",
"product": {
"name": "log4j-2.17.1-1.1.s390x",
"product_id": "log4j-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.s390x",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.s390x",
"product_id": "log4j-javadoc-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.s390x",
"product": {
"name": "log4j-jcl-2.17.1-1.1.s390x",
"product_id": "log4j-jcl-2.17.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.s390x",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.s390x",
"product_id": "log4j-slf4j-2.17.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "log4j-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-2.17.1-1.1.x86_64",
"product_id": "log4j-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-javadoc-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-javadoc-2.17.1-1.1.x86_64",
"product_id": "log4j-javadoc-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-jcl-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-jcl-2.17.1-1.1.x86_64",
"product_id": "log4j-jcl-2.17.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "log4j-slf4j-2.17.1-1.1.x86_64",
"product": {
"name": "log4j-slf4j-2.17.1-1.1.x86_64",
"product_id": "log4j-slf4j-2.17.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x"
},
"product_reference": "log4j-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-javadoc-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-javadoc-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-jcl-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-jcl-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x"
},
"product_reference": "log4j-jcl-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-jcl-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-jcl-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "log4j-slf4j-2.17.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
},
"product_reference": "log4j-slf4j-2.17.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44832"
}
],
"notes": [
{
"category": "general",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44832",
"url": "https://www.suse.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "SUSE Bug 1194127 for CVE-2021-44832",
"url": "https://bugzilla.suse.com/1194127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:log4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-javadoc-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-jcl-2.17.1-1.1.x86_64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.aarch64",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.ppc64le",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.s390x",
"openSUSE Tumbleweed:log4j-slf4j-2.17.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-44832"
}
]
}
RHSA-2022:0083
Vulnerability from csaf_redhat - Published: 2022-01-20 12:12 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details: This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Vert.x 4.1.8
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Vert.x 4.1.8
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Vert.x 4.1.8
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.1.8 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0083",
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.1.8"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0083.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.8 security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0083",
"initial_release_date": "2022-01-20T12:12:50+00:00",
"revision_history": [
{
"date": "2022-01-20T12:12:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T12:12:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Vert.x 4.1.8",
"product": {
"name": "Vert.x 4.1.8",
"product_id": "Vert.x 4.1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Vert.x 4.1.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T12:12:50+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Vert.x 4.1.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0083"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Vert.x 4.1.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Vert.x 4.1.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0138
Vulnerability from csaf_redhat - Published: 2022-01-13 15:25 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.
Security Fix(es):
* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.0.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0138",
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.0.0"
},
{
"category": "external",
"summary": "1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0138.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0138",
"initial_release_date": "2022-01-13T15:25:07+00:00",
"revision_history": [
{
"date": "2022-01-13T15:25:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-13T15:25:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 2.0.0",
"product": {
"name": "Red Hat AMQ Streams 2.0.0",
"product_id": "Red Hat AMQ Streams 2.0.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-34429",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1985223"
}
],
"notes": [
{
"category": "description",
"text": "For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: crafted URIs allow bypassing security constraints",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OCP 3.11 is out of the support scope for Moderate and Low impact vulnerabilities because is already in the Maintenance Support phase, hence the affected OCP 3.11 component has been marked as \"ooss\".\n\nRed Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34429"
},
{
"category": "external",
"summary": "RHBZ#1985223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985223"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34429"
}
],
"release_date": "2021-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: crafted URIs allow bypassing security constraints"
},
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-38153",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2021-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2009041"
}
],
"notes": [
{
"category": "description",
"text": "Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38153"
},
{
"category": "external",
"summary": "RHBZ#2009041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38153"
}
],
"release_date": "2021-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.0.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-13T15:25:07+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0138"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.0.0"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
}
]
}
RHSA-2022:0181
Vulnerability from csaf_redhat - Published: 2022-01-27 08:24 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0180
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
123 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x | — |
Workaround
|
Threats
Impact
Moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.54 is now available with updates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0180\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0181",
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1985826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1985826"
},
{
"category": "external",
"summary": "2034412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034412"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0181.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.54 extras and security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0181",
"initial_release_date": "2022-01-27T08:24:22+00:00",
"revision_history": [
{
"date": "2022-01-27T08:24:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-27T08:24:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_id": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_id": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_id": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_id": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_id": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.6.0-202201111633.p0.gd5ea7b7.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.6.0-202201111633.p0.gf381145.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.6.0-202201111633.p0.gf139e12.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_id": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_id": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_id": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_id": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_id": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_id": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202201111633.p0.gd74112d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202201111633.p0.g190688a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_id": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202201111633.p0.g4c0ed6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202201111633.p0.gb392f6d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202201181437.p0.g7f7eccc.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202201111633.p0.g791e21e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202201181437.p0.gd421c69.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202201111633.p0.g8082d6e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202201111633.p0.gfa3468d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202201111633.p0.g9ee7458.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_id": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_id": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202201111633.p0.g131cfe6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_id": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_id": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202201181437.p0.g181b827.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202201111633.p0.ge75e467.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202201111855.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202201111633.p0.g44065a4.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202201120855.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_id": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202201111633.p0.gf65b49e.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202201111633.p0.g39cfc66.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gbd1f995.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202201111633.p0.gfabfa8b.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202201111633.p0.g9c75ad0.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202201111633.p0.g618b71d.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202201111633.p0.g12d80b2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202201111855.p0.g3c3794f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_id": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202201111633.p0.g8f5a67a.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202201111633.p0.gcc06fc6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202201111855.p0.g97081b3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202201111855.p0.ga19224c.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202201111855.p0.gddfb5bf.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202201111633.p0.gd209fd9.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202201111633.p0.g907f1f6.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202201111633.p0.g62be5ad.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202201111855.p0.g67dd835.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-27T08:24:22+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0181"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:0ead3c605631206f123a4c3b4c7b5e1249541d993d75c1a7cbaacae57bd047e7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:6e7666c52fca236c7708df93a64720b1bc94d9997c5cca300fb78a5301a811d3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:9851086ac084c5187482604b55b216009af51174b51b0a4ecaa22ae6965bdfac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:538543b6ea1186ba46340e2fc0752dc397bc2bde989fa356427aa991ef52b23f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:552025bcda355dc99917e2a454b11df197c7033ec3468752db7f4f55385c0009_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:914377c29c441b67235d5da849da9d5d2ca0c206eff6092f81cba427359a6a68_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3089ef3143857097229cf2b1098125c3bd889d920cbcd1e90e93870a4536a315_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3487912c66a6b61677be483ad0d48d404933d4f2c855a962b0038adefda820ac_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:b10e9335ffcb0c66cc733c493e7e90c81ecdc62fe74cb628260553141dd0e768_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:2f8c778281b547d7f8a6926b4527651f1b93cbc836b4f567251b436406ae531d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:35b7c99ee5ef1e05c31713148ca45795d11fb8cec14f5b73a5082edde1a420dd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:bf1348edada5d722cfdb83a825034eed794534da4297c2cba973ce10d422f3b6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:2fbdb1983c71d76bdc84593cb94b846afbe7504270ff49cf194d29f46c2a54ce_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:60e1a506e61226b57744b5023b8683745b602b32570c844631c5516e277cea4d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:837499b03eb6d86f40c9376d7f58ca99736fb028b9171215c9c11b3b7c9e1ea5_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:9be5d1bd86525b465f4e21734fb64cf33d06a558628abe51355818eec90d6c5b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:de31cfdda8f79d6d1712df654fb70f9b51ad59526751ee4cdded28b26924f64f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f5a0bbf1cdee2baeeeef4a68f9c2778b3e32803aa39d3a5225ab14c5a834abda_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:135edfa97d1e2c97e4d71e91f22cf412df20b1a2f985f9dace339ff6419b0afe_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:67a5e7a3e155fee5aea31f5ff6191071f2dafdb3cf5f8f107fee7f749bac70b3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:af98ba0a7ae3b124c167043e04b1cf494a9a3fb5a8a6870456ee74b769f3505e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:13b72f06cf0587747fb189781a85a79e9d3245e9add207afba714b85659ccf51_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1025d0ff1b498ab133c2c8c952d74a06a26767919af075616ad3e3df7e1aa7b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:e1f0421a3d7c05e9d89336b1a5d992aa794a707b45a7f19c24ba6fbf731fc030_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:06a4ed599ae7598453ea474092c8515b2bead4631d5fc22848f19100b3d8d34a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:12b125762c840f8f556b5338f26543c56358cb2a4e0da718f28c537c17978e92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:27f0d36b1d6e0b9f746d4645444311c80ce0b3bf2a7a1f40619e6abf5ebacdac_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:1995f9ac67fec2ed8872a89fe7bf7bb72d9a25d50dc3f6060ae6cb7ca0b1cc50_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:55731345ef77fdbf7592fa6c6385674111203be5aaa5d6bb01b86ce12da290f2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:989062e17028afc452b6049eeb2b49988dbca1857b5be4c0ebc0d540ef4a9f0c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:3fa086ab7418aade16598fdaab31318d6fea99d27b8e8cdc70c91aa14c970720_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:abc06cbf734379c3460d401eae44981d01f2489d85ba128d6c25ad4e9cc4ac5a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:b793400ba4ca8347fed2769021f45589e96394d7f3f1b67d08e3787484193a8d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:55068deddcc722093ffbaef460407c0d62b95120489994ad35a3e103ae8bb825_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:babd8e4facbdf98988147f9ca14aed822b9661dfd07667c03cd5c2b3cd779c61_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:dad1e81945e33a88a10af0ba300ff838b9556b07856bb44625a1b5e06be59b5f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:30b5c49a7818318dca3ee1fabed17881ff1aaf7d85129ca28375754acefa01c1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:6f38aaca7153b53dd766acef9a056816c358a389629930fb6704cd136457f1fd_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:ec79fffde7369e36a548c594e0cab8fd2aec68f4bfb870c966873de953c82e28_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:cf92e54db3dad23fa8df46847b1da1330d925bd0a6b3ac266eed31baae6c86a9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:0c87dc49ed5f7fe9b495fc4ce9c04533a3cb30bcf35776730fb23d68fb7d935c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:23a05fd7b6dcdeec80089baf3ed23b4d601ac33f05bbf90b518aee0096f2e93a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:8123030facf3f2e1150a988fb48c04edb8bf8725fd1385fb5d6e00209a90aafc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:18b19dd12254c5ce801ca4876c517a804dc1135104aada08822b8a1a01dea88b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:53e4efe77d61d5c975e0d2bda0a5721624fa9b9bbe845b879320745dc5808146_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:f616d7ce6a927e4d07db54915e10c23052054883092b54cba31263fa2deeb143_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:5c917f6e16f53c787ab98ded89e6de10172ebbbc427ddd7b39274f6849fda279_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:f0803d7e103a6386db864d892b06a8506e1e8427f5439ade0b2b576cd57f39e1_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:ff35c8d9cafec29f141be52773cdbfc2b4da2197c54977554662e3c5b06443ba_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:2e791e91cc04924add27dd73651cc783eb0dc134a5d936245ffcdb655fee973f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:79d85a7a26cb26e7636c3e0057394739e5e7e553c460ea83130a75a1e047e139_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:7ce40d96b827a92da571e809f563072c8dbcfeb4dd105e5e80c774ad7dd75424_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:88f085beb4edf3cdc7e03e08ec0bf896fd17fd5e8629891e1359b500ddee3d40_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:a112dd127655109b81ae6f9fa5d7458642c517a84a6fabb2ff76f19cf4b73cff_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fce99497254da60d9ea29f8da240b21501f00369272a83229e9afe7cde4b3a9a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ad1bc526e85aecd53f0b8563f6461f4e93ae7929f0e124a262781859ecad2b5d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:ef9ca522e2e42d28263fe567dfd1455872a13b779d009f569f86a9806f7727b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:f291f5cf001e32843171cced32c9266b3801cf8838d44fd150f7064c8edd15bc_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:08069eb8d8084532872995971c4613487efe93e338fb091db122b9bf48228927_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:43eaa7ac445e648a9a44b6dacb87f96708d67d2bc262ff59980d8929fb20797b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:494cca490e8be47a3dd458f04791a11f80fca0255534fe926b5654e62d02950b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:0a4d48dd5651c1fd6038d6f1780c5bf012a6fad3dbb5442cb2331bac22ef30e6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:3ce7b7b2c42de34e85ec322e781da324de0be3642acd1cbe7b51bc584a9266c0_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:d174e013bab68f62d077d3994b3419e02bb48f7df30b7ba9416f3531898faa0f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:4868be0ee955c03af2def300abc0462f1c9644f9247584e30fdccc2d8780679e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:81b925ab3a62be690462b3b04d2dc837bac84650fb57f4adce339d69493cde44_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:a8cfdeddcc6a910f5cb320afa136544575c6c8a957270973ce0fd09c090cada6_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:1b4742afd01443ad4b3e06b3fcaee1d5eb111db7a348f8b8a993e6d25da43460_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:713c0cf0011d8b9b965fce87c21c1822ec3e6b30a12d523cfae899e3df538376_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:96126e249c57434c3641c8bfdee4ffd009c5fc20cfa1ef2763ab33fbdca68d3b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:f976ae1318691de3da7f208bea500c745796ab9f8de712c1801268a2f431f23f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:7c5a754163f73dbd38557b80f9c0b0286877774350177744ea6b199b0d62784f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:3c14ff447fbbccf0c201585598492336cdc9c7abec6be7e80e8df8ce15320ddc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:8280180d103a31b2e8594b2eb3711c205a956b2443624f6244488c86f0cab328_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:d5a0cbbe425d23a642743748f74d4432e53ab2e30d7af633d470e7bda82a18af_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b7e2a84f2e134b4316a8db9edebacd9bd8bb2a7daa7bf000da1d8802c45a2b12_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:84e9cbd74084dd42bd340ff837a9fb3de1f62babcb55c4a3a684c0b9881db385_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:677d94835e2141a208294a4c241c8ed214a6d9c5c21c03c88c7ccf19b461d3b5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:232d317b3a859141cafea76fce1177284a2a2d58294acef23c7f73214bd5a43f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:949915f8d3fa7b0d99e8b01fdf6cc6a28c16942a6978fa7cbb604467a5b9bd04_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:bd3a05f7433b159efc5dd4aa12afffa6e9121ae612a93722425ddcef6fbaf9d3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:25f3e6e8ec060df5cd6ad82035cf6f7c973890829c95ef5a006af292882c5f17_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:965ad84e25c85428bc5554dc24c929a294d766616649107cea227848f14605f1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:edd9b7d3df9f5f741c0d83607eabd20c0666960825dc21018813aee95fa0216a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:3b88fd834e952da56657207ef1c29d5cb05b0a71a68cdd6c6af00ab846166e47_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:baf9d876219182ca7f3f684640d361a55e43570446eed059f7061e8ff429f551_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:c7fec4fe430865ff8668e960cba75cb8f5c1ea448131dbc786a977ad9b988279_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:78251c9f29301cf945e7cd21059e26a4efa81f387351343391da8851fd47ad55_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:7ccfbebc93d0f6d2e48d1940fec540bd809ecfb81be7940431466ca950420acd_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ba082241f9cc57f8b35a979d7b9096bdad4c9f6dd4cdecde0e4d6eba7645d9e2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:b3ddfec490c5c285d373ea2eeea18361bdebbc377593157be592f8c903ab93e3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:cd5a9bac048f8cad9f2a176101617712daad243e928db57c021c6da52774d953_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:e223fe4e6a2e1de6d0faa3c3b1164e914bdb9315f679416d3aecffd4f8544f06_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:4a6d5d05e952393f41912f0b07e57ed2c6f1be49bd1bf6be2ad8dabffc9bf5a1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:c1ee961c1df9a16a2764d252cd3ee00ccba8faa5286352c0eff96e0a06daeb85_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e2161e3b282a02da7abc69b4d001ed19cffa1bee9e8275b5ee28874fcbd81670_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:277aef8937aa7892c1bf281de09177c46af5717d0107ca3a249cd43c4d9d60b2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:2971cf58e8005c83acfedbdc25047fc61b2857c080da9964269384b1a580facc_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:9a10666afe36a5cfe9d184cc05e9505208ce48756637309767a9b1206b90c36f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:44b6e854ecd47519615b68965464e94b31e9a44a698df0574f858cf6f9f47b8c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:bd3f71cebd3399a0c610439ef26582deb6e67ca46080fe8e6c3e2b51bb95d118_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:fc1db84a3523bdddfd54725ecd4f75ae2271f4e97d649009ca8f9ae94a25cc1a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:17ec16af68906589680c714c3fb858fb83389e9278ca79b8f9ec4ad953821f2c_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:a81cd86608af1bf295b247df68549ca62a980d6063f87fe6855f52ef69f9d933_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:ddad2bc791774d3b8b98eec435a9a74bef2ca20a6dfc9b45c3020c03f3c03b73_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:5203b4e517f0255d2e530f61c7dfa21784987074540eb83845e52d6a66d8e875_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:ce8ac507dc8593513b6e1b72ed497f5cb8699a28fb812290cf74f441ebf360d5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:e1f3573ca92174ca9226d60edbffa24e2f6cd4f8b6affc4381dc92b4f7f9c7c5_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:185cba65f61575ba943dd5cb2726a0ac9f46a2f7a70d215f20b5364236c9670d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:49d76edf3ab80e9be59a94ec660d8168812f3455f5f10ff71826bb96969ffcec_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:5dd21faf10657adb2e4bfeecdc7b04bfaa29938c19ffe57d88677553b5a1e79f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:290d63c1f882428084ed263cb9bf6fa6be0ef839ac0b864248dab92cee6790a7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:caf2e25693bcfd91e9e7f7892e8cab4629ee1c25563f9e8c9904142c3e84cc48_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:f07c522de4d1858ee086ccad7d5f9c922564b0b67b6677611074f856e4334c4e_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:2a8e8fa7b43091882a5ee187715c7aafff72e361a8a75e0878068fcdb03f8a46_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:4297f0d0f045f58a11353fad6c9de6baaa31a6cb7903ad51f6b01bee4b9703f0_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:f8683e6e50556395669789acaeb433cf533dc43f77f45dcba49cbd69d3096c1b_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:271c133e0d283cd7bec61eb7d3201218fced204b1101fafdcd06998fb17f088b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:b4a504d3d1fc1d1a8a2284edbf787dc3fc4279389c8f7a4f537da0f9d84f49de_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ea78f087daa0036569c99345c064af69d9970b6721682f435dd5e3b424ef8892_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:065ab5c72fef744a40955cc745bef43af5853ea6a92adb9282f871cfeb50ddd4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:0d541b24cd4e5f6fda0c0f6a652a600ce5b7107076dc0572a3da6b5d166220f7_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:a29b643415ccdec3c5d8157253b7273a0808de56f0dfe5329242dfcca8726700_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
}
]
}
RHSA-2022:0203
Vulnerability from csaf_redhat - Published: 2022-01-20 09:26 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update
Severity
Critical
Notes
Topic: A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.8.2, 7.9.1, 7.10.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Critical
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.8.2, 7.9.1, 7.10.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.8.2, 7.9.1, 7.10.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Fuse 7.8.2, 7.9.1, 7.10.1
Red Hat / Red Hat JBoss Fuse
|
cpe:/a:redhat:jboss_fuse:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A micro version update for Fuse 7.8, 7.9, and 7.10 is now available for Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0203",
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.08.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.09.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.fuse\u0026version=7.10.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0203.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.8-7.10 security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0203",
"initial_release_date": "2022-01-20T09:26:34+00:00",
"revision_history": [
{
"date": "2022-01-20T09:26:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T09:26:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product": {
"name": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_id": "Red Hat Fuse 7.8.2, 7.9.1, 7.10.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030932"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects log4j versions between 2.0 and 2.14.1. In order to exploit this flaw you need:\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n\nIn Red Hat OpenShift Logging the vulnerable log4j library is shipped in the Elasticsearch components. Because Elasticsearch is not susceptible to remote code execution with this vulnerability due to use of the Java Security Manager and because access to these components is limited, the impact by this vulnerability is reduced to Moderate.\n\nAs per upstream applications using Log4j 1.x may be impacted by this flaw if their configuration uses JNDI. However, the risk is much lower. This flaw in Log4j 1.x is tracked via https://access.redhat.com/security/cve/CVE-2021-4104 and has been rated as having Moderate security impact.\n\nCodeReady Studio version 12.21.1 was released containing a fix for this vulnerability.\n\nThe following products are NOT affected by this flaw and have been explicitly listed here for the benefit of our customers.\n- Red Hat Enterprise Linux\n- Red Hat Advanced Cluster Management for Kubernetes \n- Red Hat Advanced Cluster Security for Kubernetes\n- Red Hat Ansible Automation Platform (Engine and Tower)\n- Red Hat Certificate System\n- Red Hat Directory Server\n- Red Hat Identity Management\n- Red Hat CloudForms \n- Red Hat Update Infrastructure\n- Red Hat Satellite\n- Red Hat Ceph Storage\n- Red Hat Gluster Storage\n- Red Hat OpenShift Data Foundation\n- Red Hat OpenStack Platform\n- Red Hat Virtualization\n- Red Hat Single Sign-On\n- Red Hat 3scale API Management",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "RHBZ#2030932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030932"
},
{
"category": "external",
"summary": "RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q",
"url": "https://github.com/advisories/GHSA-jfh8-c2jp-5v3q"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.lunasec.io/docs/blog/log4j-zero-day/",
"url": "https://www.lunasec.io/docs/blog/log4j-zero-day/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-10T02:01:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions \u003e=2.10\nset the system property log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS to true\n\nFor Log4j versions \u003e=2.7 and \u003c=2.14.1\nall PatternLayout patterns can be modified to specify the message converter as %m{nolookups} instead of just %m\n\nFor Log4j versions \u003e=2.0-beta9 and \u003c=2.10.0\nremove the JndiLookup class from the classpath. For example: \n```\nzip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class\n```\n\nOn OpenShift 4 and in OpenShift Logging, the above mitigation can be applied by following the steps in this article: https://access.redhat.com/solutions/6578421\n\nOn OpenShift 3.11, mitigation to the affected Elasticsearch component can be applied by following the steps in this article: https://access.redhat.com/solutions/6578441",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2021-12-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value"
},
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T09:26:34+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse product documentation pages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0203"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.8.2, 7.9.1, 7.10.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0205
Vulnerability from csaf_redhat - Published: 2022-01-20 11:39 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update
Severity
Moderate
Notes
Topic: An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.2.3
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.2.3
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.2.3
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.2.3 replaces Data Grid 8.2.2 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.3 in the Release Notes [3].\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0205",
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=data.grid\u0026version=8.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0205.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0205",
"initial_release_date": "2022-01-20T11:39:58+00:00",
"revision_history": [
{
"date": "2022-01-20T11:39:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T11:39:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 8.2.3",
"product": {
"name": "Red Hat Data Grid 8.2.3",
"product_id": "Red Hat Data Grid 8.2.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.2.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T11:39:58+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.2.3 server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.2.3 server patch. Refer to the 8.2.3 Release Notes[\u00b3] for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0205"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Data Grid 8.2.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.2.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0216
Vulnerability from csaf_redhat - Published: 2022-01-20 16:00 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update
Severity
Low
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Low
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
30 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0216",
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/6577421",
"url": "https://access.redhat.com/solutions/6577421"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0216.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4 security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0216",
"initial_release_date": "2022-01-20T16:00:06+00:00",
"revision_history": [
{
"date": "2022-01-20T16:00:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T23:11:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T16:00:06+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0216"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0222
Vulnerability from csaf_redhat - Published: 2022-01-20 18:54 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update
Severity
Moderate
Notes
Topic: A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel Extensions for Quarkus 2.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel Extensions for Quarkus 2.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel Extensions for Quarkus 2.2
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.2
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update to Red Hat Integration Camel Extensions for Quarkus 2.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This update of Red Hat Integration - Camel Extensions for Quarkus serves as a replacement for 2.2 GA and includes the following security Fix(es):\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0222",
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0222.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.2 security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0222",
"initial_release_date": "2022-01-20T18:54:26+00:00",
"revision_history": [
{
"date": "2022-01-20T18:54:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:54:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product": {
"name": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_id": "Red Hat Integration Camel Extensions for Quarkus 2.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_quarkus:2.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:54:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0222"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel Extensions for Quarkus 2.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
RHSA-2022:0223
Vulnerability from csaf_redhat - Published: 2022-01-20 18:55 - Updated: 2026-05-29 20:04Summary
Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update
Severity
Moderate
Notes
Topic: A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)
* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)
* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
6.6 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel-K 1.6.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:integration:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel-K 1.6.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:integration:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Integration Camel-K 1.6.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:integration:1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Integration Camel K that includes bug fixes. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A minor version update (from 1.6.2 to 1.6.3) is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) (CVE-2021-45046)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0223",
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2022-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2022.q1"
},
{
"category": "external",
"summary": "2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0223.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.3 release and security update",
"tracking": {
"current_release_date": "2026-05-29T20:04:06+00:00",
"generator": {
"date": "2026-05-29T20:04:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:0223",
"initial_release_date": "2022-01-20T18:55:14+00:00",
"revision_history": [
{
"date": "2022-01-20T18:55:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-20T18:55:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-29T20:04:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Integration Camel-K 1.6.3",
"product": {
"name": "Red Hat Integration Camel-K 1.6.3",
"product_id": "Red Hat Integration Camel-K 1.6.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:integration:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44832",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2035951"
}
],
"notes": [
{
"category": "description",
"text": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: remote code execution via JDBC Appender",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Log4j 1.x is not impacted by this vulnerability. Therefore versions of log4j shipped with Red Hat Enterprise Linux are NOT affected by this flaw.\n\nFor Elasticsearch, as shipped in OpenShift Container Platform and OpenShift Logging, access to the log4j2.properties configuration is limited only to the cluster administrators and exploitation requires cluster logging changes, what reduced the impact of this vulnerability significantly [0].\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-jan-6-5",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44832"
},
{
"category": "external",
"summary": "RHBZ#2035951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035951"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44832"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3293",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3293"
}
],
"release_date": "2021-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "As per upstream:\n- In prior releases confirm that if the JDBC Appender is being used it is not configured to use any protocol other than Java.\n- Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: remote code execution via JDBC Appender"
},
{
"cve": "CVE-2021-45046",
"cwe": {
"id": "CWE-917",
"name": "Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)"
},
"discovery_date": "2021-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2032580"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.16.0. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input using a JNDI Lookup pattern resulting in remote code execution (RCE) in a limited number of environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although we have matched Apache\u0027s CVSS score, with the exception of the scope metric which will remain unaltered at \"unchanged\"; as we believe code execution would be at the permission levels of the running JVM and not exceeding that of the original CVE-2021-44228 flaw.\n \nWe have given this vulnerability an impact rating of Moderate, this is because of the unlikely nature of log4j lookup mapping values being derived from attacker controlled values. This is not the default configuration for end-applications using log4j 2.x and would require explicit action from a privileged user (a developer or administrator) to access the vulnerability. \nIn certain non-default configurations, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was insufficient.\n\nThis issue affects the log4j version between 2.0 and 2.15. Log4j 1.x is NOT impacted by this vulnerability. \n\nPrerequisites to exploit this flaw are :\n\n- A remotely accessible endpoint with any protocol (HTTP, TCP, etc) that allows an attacker to send arbitrary data,\n- A log statement in the endpoint that logs the attacker controlled data.\n- Log4j configuration file should be explicitly configured to use a non-default Pattern Layout with a Context Lookup eg. ($${ctx:loginId}) \n\nIn most cases, the mitigation suggested for CVE-2021-44228 (i.e. to set the system property `log4j2.noFormatMsgLookup` to `true) does NOT mitigate this specific vulnerability. \nLog4j 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.\n\nFor Elasticsearch, as shipped in OpenShift 3.11, the \"log4j2.formatMsgNoLookups=true\" system property mitigation is sufficient as there are no included non-standard configurations that allow for exploitation:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nFor CodeReady Studio the fix for this flaw is available on CodeReady Studio 12.21.3 and above versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45046"
},
{
"category": "external",
"summary": "RHBZ#2032580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45046"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-44228",
"url": "https://access.redhat.com/security/cve/CVE-2021-44228"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/14/4",
"url": "https://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2021-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j versions up to and including 2.15.0, this issue can be mitigated by removing the JndiLookup class from the classpath (example: zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class).",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)"
},
{
"cve": "CVE-2021-45105",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-12-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup and can cause Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has performed an analysis of this flaw and has classified the Attack Complexity(AC) as High because there are multiple factors involved which are beyond attacker\u0027s control:\n\n- The application has to use the logging configuration using a Context Map Lookup (for example, $${ctx:loginId}) which is a non-default Pattern Layout.\n- The application developer has to use the map org.apache.logging.log4j.ThreadContext in the application code and save at-least one key (for example, ThreadContext.put(\"loginId\", \"myId\");) in the ThreadContext map object.\n- Attackers must also know this saved key name in order to exploit this flaw.\n\nNote that saving keys in this map is a non-essential usage of log4j and just an optional feature provided. Refer to https://logging.apache.org/log4j/2.x/manual/lookups.html#ContextMapLookup to know more about the Context Map Lookup feature of Log4j.\n\nLog4j 1.x is not impacted by this vulnerability. Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using ONLY the log4j-api JAR file without the log4j-core JAR file are NOT impacted by this vulnerability.\n\n\nDespite including a vulnerable version of Log4j 2.x, this vulnerability is not exploitable in Elasticsearch[0], as shipped in OpenShift Container Platform and OpenShift Logging. OpenShift 3.11 specifically does not contain any context lookups:\n\nhttps://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_elasticsearch/templates/log4j2.properties.j2\n\nThis vulnerability is therefore rated Low for Elasticsearch in OpenShift Container Platform and OpenShift Logging.\n\n[0] https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476#update-december-18-4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Integration Camel-K 1.6.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45105"
},
{
"category": "external",
"summary": "RHBZ#2034067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45105",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45105"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/LOG4J2-3230",
"url": "https://issues.apache.org/jira/browse/LOG4J2-3230"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/security.html",
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2021/12/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/12/19/1"
}
],
"release_date": "2021-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-01-20T18:55:14+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0223"
},
{
"category": "workaround",
"details": "For Log4j 2 versions up to and including 2.16.0, this flaw can be mitigated by:\n- In PatternLayout in the Log4j logging configuration, replace Context Lookups like ${ctx:loginId} or $${ctx:loginId} with Thread Context Map patterns (%X, %mdc, or %MDC) like %X{loginId}.\n- Otherwise, in the Log4j logging configuration, remove references to Context Lookups like ${ctx:loginId} or $${ctx:loginId} where they originate from sources external to the application such as HTTP headers or user input.",
"product_ids": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Integration Camel-K 1.6.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…