Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-39325 (GCVE-0-2023-39325)
Vulnerability from cvelistv5 – Published: 2023-10-11 21:15 – Updated: 2025-02-13 17:02
VLAI
EPSS
Title
HTTP/2 rapid reset can cause excessive work in net/http
Summary
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.
Severity
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
43 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/http |
Affected:
0 , < 1.20.10
(semver)
Affected: 1.21.0-0 , < 1.21.3 (semver) |
|
| golang.org/x/net | golang.org/x/net/http2 |
Affected:
0 , < 0.17.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/534215"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/534235"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2serverConn.serve"
},
{
"name": "http2serverConn.processHeaders"
},
{
"name": "http2serverConn.upgradeRequest"
},
{
"name": "http2serverConn.runHandler"
},
{
"name": "ListenAndServe"
},
{
"name": "ListenAndServeTLS"
},
{
"name": "Serve"
},
{
"name": "ServeTLS"
},
{
"name": "Server.ListenAndServe"
},
{
"name": "Server.ListenAndServeTLS"
},
{
"name": "Server.Serve"
},
{
"name": "Server.ServeTLS"
},
{
"name": "http2Server.ServeConn"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.20.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.21.3",
"status": "affected",
"version": "1.21.0-0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "serverConn.serve"
},
{
"name": "serverConn.processHeaders"
},
{
"name": "serverConn.upgradeRequest"
},
{
"name": "serverConn.runHandler"
},
{
"name": "Server.ServeConn"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.17.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-28T04:05:57.980Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/63417"
},
{
"url": "https://go.dev/cl/534215"
},
{
"url": "https://go.dev/cl/534235"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231110-0008/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/"
},
{
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
}
],
"title": "HTTP/2 rapid reset can cause excessive work in net/http"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-39325",
"datePublished": "2023-10-11T21:15:02.727Z",
"dateReserved": "2023-07-27T17:05:55.188Z",
"dateUpdated": "2025-02-13T17:02:50.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-39325",
"date": "2026-06-03",
"epss": "0.0015",
"percentile": "0.352"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-39325\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2023-10-11T22:15:09.880\",\"lastModified\":\"2024-11-21T08:15:09.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.\"},{\"lang\":\"es\",\"value\":\"Un cliente HTTP/2 malicioso que crea solicitudes r\u00e1pidamente y las restablece inmediatamente puede provocar un consumo excesivo de recursos del servidor. Si bien el n\u00famero total de solicitudes est\u00e1 limitado por la configuraci\u00f3n http2.Server.MaxConcurrentStreams, restablecer una solicitud en curso permite al atacante crear una nueva solicitud mientras la existente a\u00fan se est\u00e1 ejecutando. Con la soluci\u00f3n aplicada, los servidores HTTP/2 ahora vincularon el n\u00famero de rutinas de controlador que se ejecutan simult\u00e1neamente al l\u00edmite de concurrencia de transmisi\u00f3n (MaxConcurrentStreams). Las nuevas solicitudes que lleguen cuando se encuentre en el l\u00edmite (lo que solo puede ocurrir despu\u00e9s de que el cliente haya restablecido una solicitud existente en curso) se pondr\u00e1n en cola hasta que salga un controlador. Si la cola de solicitudes crece demasiado, el servidor finalizar\u00e1 la conexi\u00f3n. Este problema tambi\u00e9n se solucion\u00f3 en golang.org/x/net/http2 para los usuarios que configuran HTTP/2 manualmente. El l\u00edmite de simultaneidad de transmisiones predeterminado es 250 transmisiones (solicitudes) por conexi\u00f3n HTTP/2. Este valor se puede ajustar utilizando el paquete golang.org/x/net/http2; consulte la configuraci\u00f3n Server.MaxConcurrentStreams y la funci\u00f3n ConfigureServer.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.20.0\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"99C776A5-1409-4638-AB9A-8A2B053DBFE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E44A7B-F32A-43F2-B41A-CB3049100DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_trident_autosupport:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25008095-A75E-4E34-9538-61B6334BB0F9\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/534215\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/534235\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/issue/63417\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\",\"source\":\"security@golang.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2102\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231110-0008/\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://go.dev/cl/534215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/534235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://go.dev/issue/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231110-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
OPENSUSE-SU-2024:13506-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
traefik-2.10.7-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: traefik-2.10.7-1.1 on GA media
Description of the patch: These are all security issues fixed in the traefik-2.10.7-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13506
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik-2.10.7-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik-2.10.7-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13506",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13506-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45283 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47106 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47124 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47633/"
}
],
"title": "traefik-2.10.7-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13506-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.10.7-1.1.aarch64",
"product": {
"name": "traefik-2.10.7-1.1.aarch64",
"product_id": "traefik-2.10.7-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.10.7-1.1.ppc64le",
"product": {
"name": "traefik-2.10.7-1.1.ppc64le",
"product_id": "traefik-2.10.7-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.10.7-1.1.s390x",
"product": {
"name": "traefik-2.10.7-1.1.s390x",
"product_id": "traefik-2.10.7-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik-2.10.7-1.1.x86_64",
"product": {
"name": "traefik-2.10.7-1.1.x86_64",
"product_id": "traefik-2.10.7-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.10.7-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64"
},
"product_reference": "traefik-2.10.7-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.10.7-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le"
},
"product_reference": "traefik-2.10.7-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.10.7-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x"
},
"product_reference": "traefik-2.10.7-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik-2.10.7-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
},
"product_reference": "traefik-2.10.7-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39325"
}
],
"notes": [
{
"category": "general",
"text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39325",
"url": "https://www.suse.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1230323 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1230323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-45283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45283"
}
],
"notes": [
{
"category": "general",
"text": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45283",
"url": "https://www.suse.com/security/cve/CVE-2023-45283"
},
{
"category": "external",
"summary": "SUSE Bug 1216943 for CVE-2023-45283",
"url": "https://bugzilla.suse.com/1216943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45284"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45284",
"url": "https://www.suse.com/security/cve/CVE-2023-45284"
},
{
"category": "external",
"summary": "SUSE Bug 1216944 for CVE-2023-45284",
"url": "https://bugzilla.suse.com/1216944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45284"
},
{
"cve": "CVE-2023-47106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47106"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47106",
"url": "https://www.suse.com/security/cve/CVE-2023-47106"
},
{
"category": "external",
"summary": "SUSE Bug 1217804 for CVE-2023-47106",
"url": "https://bugzilla.suse.com/1217804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47106"
},
{
"cve": "CVE-2023-47124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47124"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let\u0027s Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patch in version 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47124",
"url": "https://www.suse.com/security/cve/CVE-2023-47124"
},
{
"category": "external",
"summary": "SUSE Bug 1217806 for CVE-2023-47124",
"url": "https://bugzilla.suse.com/1217806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47124"
},
{
"cve": "CVE-2023-47633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47633"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47633",
"url": "https://www.suse.com/security/cve/CVE-2023-47633"
},
{
"category": "external",
"summary": "SUSE Bug 1217807 for CVE-2023-47633",
"url": "https://bugzilla.suse.com/1217807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik-2.10.7-1.1.aarch64",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.ppc64le",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.s390x",
"openSUSE Tumbleweed:traefik-2.10.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47633"
}
]
}
OPENSUSE-SU-2024:14076-1
Vulnerability from csaf_opensuse - Published: 2024-06-24 00:00 - Updated: 2024-06-24 00:00Summary
traefik2-2.11.5-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: traefik2-2.11.5-1.1 on GA media
Description of the patch: These are all security issues fixed in the traefik2-2.11.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14076
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
46 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "traefik2-2.11.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the traefik2-2.11.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14076",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14076-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23469 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24534 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-29013 page",
"url": "https://www.suse.com/security/cve/CVE-2023-29013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45283 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47106 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47124 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28869/"
}
],
"title": "traefik2-2.11.5-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-24T00:00:00Z",
"generator": {
"date": "2024-06-24T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14076-1",
"initial_release_date": "2024-06-24T00:00:00Z",
"revision_history": [
{
"date": "2024-06-24T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.aarch64",
"product": {
"name": "traefik2-2.11.5-1.1.aarch64",
"product_id": "traefik2-2.11.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.ppc64le",
"product": {
"name": "traefik2-2.11.5-1.1.ppc64le",
"product_id": "traefik2-2.11.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.s390x",
"product": {
"name": "traefik2-2.11.5-1.1.s390x",
"product_id": "traefik2-2.11.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "traefik2-2.11.5-1.1.x86_64",
"product": {
"name": "traefik2-2.11.5-1.1.x86_64",
"product_id": "traefik2-2.11.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64"
},
"product_reference": "traefik2-2.11.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le"
},
"product_reference": "traefik2-2.11.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x"
},
"product_reference": "traefik2-2.11.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "traefik2-2.11.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
},
"product_reference": "traefik2-2.11.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization header are displayed in the debug logs. Attackers must have access to a users logging system in order for credentials to be stolen. This issue has been addressed in version 2.9.6. Users are advised to upgrade. Users unable to upgrade may set the log level to `INFO`, `WARN`, or `ERROR`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23469",
"url": "https://www.suse.com/security/cve/CVE-2022-23469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-23469"
},
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41724"
}
],
"notes": [
{
"category": "general",
"text": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41724",
"url": "https://www.suse.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "SUSE Bug 1208271 for CVE-2022-41724",
"url": "https://bugzilla.suse.com/1208271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-41724"
},
{
"cve": "CVE-2022-46153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46153",
"url": "https://www.suse.com/security/cve/CVE-2022-46153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-46153"
},
{
"cve": "CVE-2023-24534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24534"
}
],
"notes": [
{
"category": "general",
"text": "HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more memory than required to hold the parsed headers. An attacker can exploit this behavior to cause an HTTP server to allocate large amounts of memory from a small request, potentially leading to memory exhaustion and a denial of service. With fix, header parsing now correctly allocates only the memory required to hold parsed headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24534",
"url": "https://www.suse.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "SUSE Bug 1210127 for CVE-2023-24534",
"url": "https://bugzilla.suse.com/1210127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-24534"
},
{
"cve": "CVE-2023-29013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-29013"
}
],
"notes": [
{
"category": "general",
"text": "Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-29013",
"url": "https://www.suse.com/security/cve/CVE-2023-29013"
},
{
"category": "external",
"summary": "SUSE Bug 1210505 for CVE-2023-29013",
"url": "https://bugzilla.suse.com/1210505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-29013"
},
{
"cve": "CVE-2023-39325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39325"
}
],
"notes": [
{
"category": "general",
"text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39325",
"url": "https://www.suse.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1230323 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1230323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-45283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45283"
}
],
"notes": [
{
"category": "general",
"text": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45283",
"url": "https://www.suse.com/security/cve/CVE-2023-45283"
},
{
"category": "external",
"summary": "SUSE Bug 1216943 for CVE-2023-45283",
"url": "https://bugzilla.suse.com/1216943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45284"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45284",
"url": "https://www.suse.com/security/cve/CVE-2023-45284"
},
{
"category": "external",
"summary": "SUSE Bug 1216944 for CVE-2023-45284",
"url": "https://bugzilla.suse.com/1216944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45284"
},
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-47106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47106"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47106",
"url": "https://www.suse.com/security/cve/CVE-2023-47106"
},
{
"category": "external",
"summary": "SUSE Bug 1217804 for CVE-2023-47106",
"url": "https://bugzilla.suse.com/1217804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47106"
},
{
"cve": "CVE-2023-47124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47124"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let\u0027s Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patch in version 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47124",
"url": "https://www.suse.com/security/cve/CVE-2023-47124"
},
{
"category": "external",
"summary": "SUSE Bug 1217806 for CVE-2023-47124",
"url": "https://bugzilla.suse.com/1217806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-47124"
},
{
"cve": "CVE-2023-47633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47633"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47633",
"url": "https://www.suse.com/security/cve/CVE-2023-47633"
},
{
"category": "external",
"summary": "SUSE Bug 1217807 for CVE-2023-47633",
"url": "https://bugzilla.suse.com/1217807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47633"
},
{
"cve": "CVE-2024-24788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24788"
}
],
"notes": [
{
"category": "general",
"text": "A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24788",
"url": "https://www.suse.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "SUSE Bug 1224018 for CVE-2024-24788",
"url": "https://bugzilla.suse.com/1224018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-24788"
},
{
"cve": "CVE-2024-28869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28869"
}
],
"notes": [
{
"category": "general",
"text": "Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the \"Content-length\" request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to induce a denial of service. This vulnerability has been addressed in version 2.11.2 and 3.0.0-rc5. Users are advised to upgrade. For affected versions, this vulnerability can be mitigated by configuring the readTimeout option.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28869",
"url": "https://www.suse.com/security/cve/CVE-2024-28869"
},
{
"category": "external",
"summary": "SUSE Bug 1222825 for CVE-2024-28869",
"url": "https://bugzilla.suse.com/1222825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.aarch64",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.ppc64le",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.s390x",
"openSUSE Tumbleweed:traefik2-2.11.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-28869"
}
]
}
RHBA-2023:5806
Vulnerability from csaf_redhat - Published: 2023-10-17 19:03 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
Severity
Important
Notes
Topic: An update is now available for Red Hat Ansible Automation Platform 2.4
Details: Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Updates:
* Added a new subscription usage page to the controller UI to view historical usage of licenses (AAP-16983)
* Add scheduler deployment to handle more rulebook activations (AAP-16760)
* Upgraded Django to address CVE-2023-41164 automation-controller: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` (AAP-16193)
* EDA default and activation workers now have their own separate deployments, which can be scaled independently (AAP-15506)
* EDA application extra_settings are now correctly configured in the application settings (AAP-15073)
* Set default resource requests and limits for EDA based on performance data (AAP-13143)
* Operator is killing migration process if it's taking too long (https://issues.redhat.com/browse/AAP-17085)
* OS Updates
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
115 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
115 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nUpdates:\n* Added a new subscription usage page to the controller UI to view historical usage of licenses (AAP-16983)\n* Add scheduler deployment to handle more rulebook activations (AAP-16760)\n* Upgraded Django to address CVE-2023-41164 automation-controller: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` (AAP-16193)\n* EDA default and activation workers now have their own separate deployments, which can be scaled independently (AAP-15506)\n* EDA application extra_settings are now correctly configured in the application settings (AAP-15073)\n* Set default resource requests and limits for EDA based on performance data (AAP-13143)\n* Operator is killing migration process if it\u0027s taking too long (https://issues.redhat.com/browse/AAP-17085)\n* OS Updates",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:5806",
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_5806.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update",
"tracking": {
"current_release_date": "2026-06-04T04:29:29+00:00",
"generator": {
"date": "2026-06-04T04:29:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:5806",
"initial_release_date": "2023-10-17T19:03:49+00:00",
"revision_history": [
{
"date": "2023-10-17T19:03:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-17T19:03:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_cloud_billing:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-billing-rhel8\u0026tag=0.0.2-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-billing-rhel8-operator\u0026tag=1.0.2-24"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8\u0026tag=1.0.2-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-ui-rhel8\u0026tag=1.0.2-14"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product_id": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-cloud-ui-rhel8-operator\u0026tag=1.0.3-10"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product": {
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product_id": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/cloud-addons-operator-bundle\u0026tag=2.4-402"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product_id": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-29-rhel8\u0026tag=1.0.0-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product_id": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-cloud-services-rhel8\u0026tag=1.0.0-147"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product_id": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-containerized-installer-rhel8\u0026tag=1.2.3-13"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product_id": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-dellemc-openmanage-rhel8\u0026tag=8.3.0-7"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product_id": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/aap-must-gather-rhel8\u0026tag=0.0.1-356"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product_id": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/platform-operator-bundle\u0026tag=2.4-672"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel9\u0026tag=3.0.0-111"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product_id": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-builder-rhel8\u0026tag=3.0.0-112"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel8\u0026tag=1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-base-rhel9\u0026tag=1.0.0-387"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel8\u0026tag=1.0.0-369"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product_id": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ansible-python-toolkit-rhel9\u0026tag=1.0.0-368"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product_id": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8\u0026tag=4.4.6-4"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product_id": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"product_identification_helper": {
"purl": "pkg:oci/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/controller-rhel8-operator\u0026tag=2.4-79"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-rhel8-operator\u0026tag=2.4-86"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product_id": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/eda-controller-ui-rhel8\u0026tag=1.0.1-16"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product_id": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product_id": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-rhel8-operator\u0026tag=2.4-70"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product_id": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/hub-web-rhel8\u0026tag=4.7.3-15"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel9\u0026tag=1.0.0-128"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product_id": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-minimal-rhel8\u0026tag=1.0.0-129"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product_id": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel8\u0026tag=1.0.0-135"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product_id": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/de-supported-rhel9\u0026tag=1.0.0-134"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product_id": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-containerized-installer-rhel8\u0026tag=1.2.3-13"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product_id": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-dellemc-openmanage-rhel8\u0026tag=8.3.0-7"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel9\u0026tag=1.0.0-451"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product_id": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8\u0026tag=1.0.0-450"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel8\u0026tag=1.0.0-436"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product_id": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/ee-supported-rhel9\u0026tag=1.0.0-435"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product_id": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-rhel8-operator\u0026tag=2.4-68"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product_id": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"product_identification_helper": {
"purl": "pkg:oci/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform-24/platform-resource-runner-rhel8\u0026tag=2.4-88"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Cloud-Billing"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le"
},
"product_reference": "ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x"
},
"product_reference": "ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64"
},
"product_reference": "ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x"
},
"product_reference": "ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x"
},
"product_reference": "ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64"
},
"product_reference": "ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64"
},
"product_reference": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64"
},
"product_reference": "ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le"
},
"product_reference": "ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64"
},
"product_reference": "ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64"
},
"product_reference": "ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64"
},
"product_reference": "ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
},
"product_reference": "ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-17T19:03:49+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-17T19:03:49+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:5806"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:3151364d2c3359a253e6f95fe296ad9842bcf859a4d05e65abc1283f7646f986_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:f650486925c3bb5ff56570543839ef8ab668c91bba11a30aeceba22b0cf25b3e_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:738e8ad888db5fa2205b9eb809b25ee98b77b47e7cb009d7aef94e0ab09c9492_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:2826678e9aca4fc567567c36f0d7af6cc22ee85fcfb23d3552534712685d512d_amd64",
"8Base-Ansible-Automation-Platform-2.4-Cloud-Billing:ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:0d0b96befa8957940d289d905517a6e2ef687cc28c9e68c29acb7813a90a13a6_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:1ff8637546e4244650e7ad05e9e287c041198d4848a0834c4b505c73ec2adc40_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:53a9a6779f8569b03faec060888f39d2d3f071d3a4af8269f66490abd8bfad7e_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:ba77e7f17865da4d59f91b69ab58cbeafaa86debe50d2d6fb89e9812f4aed1c7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/aap-must-gather-rhel8@sha256:d1730361a768cc0dc847958b872eac8befb5bcbe87d4fc18098b9ff4ed072cf3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0089971676a347149081311def7417185edfeac0fa0fb09bac556d1e4ac17971_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:0a5ae31195b5b32e8f0800a301ce0e1e282812af59c667c4b40af82a8ca09d62_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:73220bd2c0da0524f6eb6c7a88378ee9970a804a998f039fa14683cf5d7adf2f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel8@sha256:9aa60f9acfd33709262f38091589521ef49674607e69a3baa6f3d9c9508a10fe_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:5cf9e0d8a0ad5b1492187b177751cede769b53dc830e5b1bc5dcdd110a71a397_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:6599eee6f2b0b8c08ea3dc49598f97aea3b53b456afcc410dd740c39bbfdcd63_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:697fa0ba756009f66eb78f1feb4f9597da4b2382644c76f7755d29dd70aecea2_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel8@sha256:dd8c5dc68cf8d71a563743040922540101be6c1b29c2f565e1352ece5b68377b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:9273cfd468a23859d784dc3fbf2ad1abb04892e6a3f2ad55d8d2e7c623d0419f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:99e842a1ca0ea2234c09a8a9466d936968ef36032c102e26fa761089528461e7_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d2d4b79f72dfe3f646f27b2c35e5108ed3a3c867fd0b9c04d0193e6ec717ad75_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:d6ae7f3136a14984e33f46598f6e321ad72f3875e4c3f0a8c773e5046fb99f1a_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:013993b69238a181ef9be9c6cbd173f4af8280f6dc763e52a493e54e71069a01_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:07a798fdc9b88ce7332a1300475e3a56d439b55a7ad5e10fd8d4e036661841cd_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:2e252f02c2695856d19d90299e2f1cc2bf93d7304e48da306628b12f4d56b037_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8-operator@sha256:71dac652dd2a9588f1722c5147c8cc9cdb5c38d3cb3dc5a5e955c4cba6a3e57c_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:11f4ad08d0d96223b17e08a5d07f0594d0d450fe94bd86ce6f57165d20eedfee_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:6855d1b68735adde33f4ad83496e7ada4548e3fb1ad07cb7925dfb726d800da0_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:c8fdd92c3c2c497ab1d4ba8c96759e8f2dfe7f023df6c5021dfed672c98d0621_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/controller-rhel8@sha256:f346fa5d9a45ba329dc668e6a63672020fb579948b6c417ce76400e07ef928a5_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:1e2c70baa0950d9667715e4deda717db264ea07aaa097ed4c3e11025eb4c59a0_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:3407db77ac87aecdc3bd3d32294672192caadd5779858d9c1ca559eef0dcf431_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:6bf6294838abf4584f07500c9d61e7358d706f5754e1171e6a4184957e272d18_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel8@sha256:8c7d062a28b7e54510c1aa45598a6e7c0777962b0c5d1dd1eff77e2203aabc93_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:037b08f1cdf2bd0ba488ec02d6c4136171cadad65017f4331fb8e6d8b9ec8ffb_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:3abdaa6c02011ee543838612626d895980298d6e505e510f4a2b75e6ee0d6315_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:d4d8984a1e1191d58e402dfd9f7d80a1f3bf714b774cc0837809ccabbbbfdb03_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel8@sha256:dcdf4678c085dcb1014930901def587b01e780ce45a471f17a9c39de221b0757_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:4220b98f9d8e805a77a4a4ef95855b8f2c61467a02f686c7b547496831493746_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:683b9705958bb94e2f3fa8901c19ffd4d2a3967104fec3a969a46fa7e5702507_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:b533066a88203acca58a7355f379018eb270f0c932c35f8170e76bfe658ef84b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:f9f8d32c2ab60ab6c30bfcdec7778f6eb67ba30015d9453afd67ab334c8c2fe5_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:2bc05e35b21a826737e8bc523924d8137a531003d2ba2466243f4172708f2cbc_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:3059b9a6c38deb5aac3fb60875214fe2dafe50cda028638816ec67741169ec73_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:7d75552ba2d42b0f85695e9a71ff71dd781bce0452590d89c12a8fc9f1a501ff_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-rhel8@sha256:fd7e96d6b70e0a1b13f0f34e7f14d4de14d07f0db6c449c20e1211bc3982205e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:56b46c50edef8f427dbc11d32c493ccc3b12df9dc9f553c2e8d3740313ae3cd1_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:7eeca90468dde408d820ffb7b530d0cef615fe6f4a7e852b47ff18028cc09ecc_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:88f5e52c33ca6ff00cb1fd37753a2b1f9e4b6b2a07977e68b71262a8d7a4c58b_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:ee508e6aaaf56c6ec9025d7650000a39a7b05319b570e6961eb72d20623793d9_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-29-rhel8@sha256:5685c052ba6b6d3eec7b7c740ba6b967e92f1fa22631dcf2fe048c57d16cf12a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:d0797635652c5d9044da6c9f3ecbcc174bf7a9823f1c72cde44830cfe4f5ff56_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:628f7596505a9ab111cfcd1d3a1eb11e537dbf663d9b802e3cc94af8dbfa05d6_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-dellemc-openmanage-rhel8@sha256:894f470c00c9bffad51ba8e8aecac867345c6e3f90227d773699cf8ef25120eb_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:382c4b91e8c8b30b51d3168b4a16f7c75c96198f4699c301bd03d686c8e85ae7_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:5a2b269ebe2bbb5f27af823cc13c3ce06ade36f43480aa56d41d654d5ef139e3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:63ea2ecffbf408183f3f37e4c1df4e3a77b9f4c0806d2ef3141d102470661e38_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel8@sha256:c4c7158dfc2c317c62aed28f6db21bc347aca92b8301a6cb932c1a5fbf3eac87_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:72098dcaf2cf2174557428f1121c5926b905dfaa0aad160d3064d171946f298e_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:97e133b817c1aac347642b414ca6cb108fec25434b945c398bae6763f1596c5e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:a5641fd059a00dff89f846472bf2c139c15ac2908328b03f86ab67087a1dbcf4_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel8@sha256:adad7b24fba97c5649f320ebc72a6b6cbf280e552121a2081b0fe804b06ef78d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:32fa50754404a12b4d4a58d4ef9def3f5e8225cb2cf1e56983df1677f621462e_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:ad9213450b9284c6e4323f9f8a5dfc42734ac95b67e5cd6a3afc3bd2945e993d_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:b3064c6ba7b2cf491ced94cd9b6545306cb7d59e2054a0d7042daaa3c062246e_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8-operator@sha256:f38fcf5efc4501f3111484cd9c5216f4014fcfd0088d4dd3ad6c14ad76dbe83a_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:a27c12f79db64522884b304c30f40635c774f51596689670fd628f409a68663f_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:ac2b684d7ac8e0b6f36fe2da22b2ed41bfb24f8e2f77e64117c186a3cdf2f21b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:df80c45631e780f58aaf85edddaf77ed82c0b41f0ad766db048615290eeb96a3_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-rhel8@sha256:fe2675bd2c51d62dfa3473653c00ddf55a1b64791f5029fe0b87087461b700a1_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:01b5493444bc24c954ce86554d0ba8ca99b9db8c516901d0539e1b001ba78590_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:0b7d67480c6a15e5a655573f2ac885d34df441978f8f595f8c4d9f5e93c052d1_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:a44ffd3666281ab867c177915ddf48fdb59052a2d48f49284a598e8c80125d7b_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/hub-web-rhel8@sha256:ff2db93490c489562bb8c37a247daf01e10c871e628b24cc4006dd2bd14473bb_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:13425b0194354a15d71f6bccd7b2e526ef4b2cd8c56b6aff91ebf4435bda20bc_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:893d04a458674590c81c2ef09fb222c36f47bee71ab3615d6bb73432c58d965b_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:964337aac284059c1abde17a9bd2c0d13fd5a149a91af19eb56944728f7f5584_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:9d429c6e5d72bf883362b1ae11f8b4ed3a9d468e77e2e29c8ff234df9e255db4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:38bc442a6181a739b4c232d25abd7018dbce05083f3bf09ab7a071a3d2a4c7b4_ppc64le",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:8c80648871aee9d1c5450226d18b122a40fe188b1140fcb22800ecda41bb6343_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:cfbf2ddd1dce998575bf8e38cd38bbcc98b006ba918d5de8ea1621b5de4d3f67_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:de8830287e00c4062524ebc9e9a93896503101e6382f553c89cc0c1e7d15618f_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/cloud-addons-operator-bundle@sha256:bdc45dd15fcdf3d3956c6ddc2316a8e68490cc1d4249f95b01b231a0fb17debf_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:797d37d3015ebbf5125f6e1d12d47774a276a42a3c18ccabab2bf1c466b001fd_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/ee-containerized-installer-rhel8@sha256:a4cdb956a90531672851a53c6691591c871513630c8d441b0061d0c187f62a99_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:5825e694ae618fd41f495a7d5b9f911da004a9649aa09ca66ad64d3812a884d9_amd64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:8b8051faac5197c85088cdb2032576d7789ef251ffd8ea8fc2e525a199202ab0_s390x",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:d5d128596af42dddb7f3efa725050a35c07eae5e63a4bd8be7789857cf5d36f3_arm64",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform/platform-operator-bundle@sha256:ecc912e9ab3146df86e7be7afbc077db49e74f913815c73521ae67893f452853_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:20092308c17687aa6059400af8d1772b8fe85207db9f9a5b6d259908e0b63aab_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:45ff186bff94f30a34c2fe59bc342d10bf47071567b9d09d1fa61bf08e72f1c4_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:a4a88494691f2fc7689d16a4da97a857e8b795e41ecf5fe09b09ebfc729511ce_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-builder-rhel9@sha256:eb2f2e5796823643b8b52b98976a04089cdc82ce32f3e4a348fc25dd12eff275_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:7ecc021d626a20acc20f73b28005c16a8d20c7640ec51dffdaff236440702172_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:8c34db5cc4c68c80db22a835c095d60e3988a3e6d1c82fb91cc8558b43a47b33_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:91f0cc9dd9261b7bff0484d3db8e499912fa1781aa71ad24c77d0809cccb03f4_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-base-rhel9@sha256:cd96a0ece925ed1443c0797bc3baf992ed7ae087f5977df8728a4aab8940516f_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:035f8ce6c6f6ab88366d7d42ba587d75b60236433e01ce0349a40554ff0e1b05_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:11934bcc8a713da353d254164b6914b5769326534a2298f0ccb8642813da5f9a_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:b46fed769c86134a110f442dc56b0c8bfd0d469eb39649916db099f611ab3347_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:bc376892f777fade4e725e140ae195ee94bd2f3c8e97b86a2705cbe23fa1875e_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:7660d7f051c9ac00bf49f609bf1e24b8020d2cb8856b40cbecc13de54d55fed8_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:9b13ab56c30c5c77a21e00d2dfbad44f63c6ff7ac5acb6b8ba416f7fb2a0fc51_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:a562c54aa4ba7538aa2b1beab666cab689240f664f8c17bfd769560efbe3b626_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-minimal-rhel9@sha256:f28e22e5da55ea626890aceb7ae4c391e192055a60a1beba9a98ac70ee1353ce_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:5bd5d0da12cc63b3221f508c203b0cde5b4628439d42c1a0303a31c217506936_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:da3031d8ff12b8df290c6da7c5451d0a797c24c0b2b0ce5cce943633d2352ee7_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:de1067b9be05a3acb9bb61458fb89e71acf01cad7a9439a638972bc0615a4d5a_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/de-supported-rhel9@sha256:f4fe61723e459bf8e8b8721cb463a89d77827f87ec835826b0866c617cb19ea7_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:49d5862f8abc4f05c837b26610604d32c07001af0a93993458b21e8f9adf534f_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:9bf9ff9e04832f353a8904f7f7826417abfe3891a927939a1cdfcfde30d1d10c_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:c35b05b413bc2090089219d476f0a1e2c56250fc09e190583e167bfcdce5bf35_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-minimal-rhel9@sha256:d21ac96577006183a5cc592fb094cb2cf0f25aa687597d68984965ebcb1cb9a5_s390x",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:162dd2718a9d9fdf4e3558129a0a77094a7fd9731ab826c664b69ed955853ddd_ppc64le",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:23ed9a9439c4651417dd96d62776ca40582b54fc5da2955a72b047608c0d6c42_amd64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:32d97ab01d3f3df3212c3e949d2630709ae05e4d0c56aafd6a720827234cf3e9_arm64",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-24/ee-supported-rhel9@sha256:e49a3d2b7456a55b603e78b8ddec27665b6a957f5ac479aad50123f3f9bb1d42_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6078
Vulnerability from csaf_redhat - Published: 2023-10-24 12:12 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: MTV 2.5.2 Images
Severity
Important
Notes
Topic: Updated Release packages that fix several bugs and add various enhancements are now available.
Details: Migration Toolkit for Virtualization 2.5.2 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header.
7.3 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Gin-Gonic Gin Web Framework. Affected versions of this package could allow a remote attacker to bypass security restrictions caused by improper input validation by the filename parameter of the Context.FileAttachment function. An attacker can modify the Content-Disposition header by using a specially-crafted attachment file name.
4.3 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
47 references
Acknowledgments
Catena Cyber
Philippe Antoine
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Release packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Virtualization 2.5.2 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6078",
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6078.json"
}
],
"title": "Red Hat Bug Fix Advisory: MTV 2.5.2 Images",
"tracking": {
"current_release_date": "2026-06-04T04:29:29+00:00",
"generator": {
"date": "2026-06-04T04:29:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:6078",
"initial_release_date": "2023-10-24T12:12:11+00:00",
"revision_history": [
{
"date": "2023-10-24T12:12:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T12:12:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el9"
}
}
},
{
"category": "product_name",
"name": "8Base-MTV-2.5",
"product": {
"name": "8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product_id": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-api-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product_id": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-console-plugin-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-controller-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-api-rhel8\u0026tag=2.5.2-6"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-rhel8\u0026tag=2.5.2-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product_id": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-openstack-populator-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product_id": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-operator-bundle\u0026tag=2.5.2-20"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhel8-operator\u0026tag=2.5.2-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product_id": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-ova-provider-server-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-populator-controller-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhv-populator-rhel8\u0026tag=2.5.2-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product_id": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-validation-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-rhel9\u0026tag=2.5.2-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8\u0026tag=2.5.2-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64 as a component of 8Base-MTV-2.5",
"product_id": "8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"relates_to_product_reference": "8Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64 as a component of 8Base-MTV-2.5",
"product_id": "9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64",
"relates_to_product_reference": "9Base-MTV-2.5"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2023-26125",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-05-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2203769"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gin-gonic-gin: Improper Input Validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26125"
},
{
"category": "external",
"summary": "RHBZ#2203769",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203769"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26125"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26125",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26125"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-2454/",
"url": "https://www.postgresql.org/support/security/CVE-2023-2454/"
}
],
"release_date": "2023-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gin-gonic-gin: Improper Input Validation"
},
{
"cve": "CVE-2023-26144",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26144"
},
{
"category": "external",
"summary": "RHBZ#2239924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226",
"url": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/issues/3955",
"url": "https://github.com/graphql/graphql-js/issues/3955"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/pull/3972",
"url": "https://github.com/graphql/graphql-js/pull/3972"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1",
"url": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181",
"url": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181"
}
],
"release_date": "2023-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries"
},
{
"cve": "CVE-2023-29401",
"cwe": {
"id": "CWE-494",
"name": "Download of Code Without Integrity Check"
},
"discovery_date": "2023-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216957"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Gin-Gonic Gin Web Framework. Affected versions of this package could allow a remote attacker to bypass security restrictions caused by improper input validation by the filename parameter of the Context.FileAttachment function. An attacker can modify the Content-Disposition header by using a specially-crafted attachment file name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29401"
},
{
"category": "external",
"summary": "RHBZ#2216957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216957"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29401"
}
],
"release_date": "2023-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
],
"known_not_affected": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:12:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6078"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:e1e3b4adafebe14f5c1c17b8b81c921c8c2daf77bf22ffef9f0a2e1ac1a32d5f_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:cfd662d50e649898951b9dc21bb8bd533ccbe4daa9ae9eb1ea365ae9bfdf39e0_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:86e6fc987f49aa419b0c7f15276559c4e0958adc9385d80deef228dfb9bcf0ba_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:bd5cf5ff33a900a8f7b8b4fc52ada3af737d42793b27e63f5cc7c36b11a21189_amd64",
"8Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:fd9758985cb3ab4fe6bddf1b989b0cc7803d9bf79883dfe3a02c6c3644fcc891_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-api-rhel9@sha256:7a25dd92fb3949f6b231d8019dda8ee2432ce1708cf746fdc805f335d19119e8_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:8d9c4e66535b0b3c6921cbf819c7d86dedaa9076fc05b9f00e9002b6fb1c5b1d_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:8fbc5262ebc5791a156ecc4afa539bb6d72bfe3ecf28e7ebaab12aab63e472e3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:ba513f372d1eccbc1a96c0934384021b5cd228533435bcfb70dd584e65f5abec_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-operator-bundle@sha256:9ec2a9e288b742ea9d71f13e055a4ede1b34e5e251aa662c65a83747a6603462_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-ova-provider-server-rhel9@sha256:53f0fa129b04bcb7ea8f80e6136fbaf189460b29bdd123398f456a4d2a32de3f_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:110ebc02ca7aca24ff830e8073af8062434ca8dc8ff1239b92c24e84d6cf08c3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:7481185531e6bba394f769c0e73bfc431e0d763afd23c59bacc8ec32875b0af3_amd64",
"9Base-MTV-2.5:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:094c261ca283ee4fcf58e79cc93e61da6e0759c82a157f3169c4390a7e7f1f74_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6109
Vulnerability from csaf_redhat - Published: 2023-10-25 12:32 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: MTV 2.4.3 Images
Severity
Important
Notes
Topic: Updated Release packages that fix several bugs and add various enhancements are now available.
Details: Migration Toolkit for Virtualization 2.4.3 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the golang package. The JoinPath doesn't remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim's cookie-based authentication credentials.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr={{.}}") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — | ||
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — | ||
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
96 references
Acknowledgments
Catena Cyber
Philippe Antoine
Mattermost
Juho Nurminen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Release packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Virtualization 2.4.3 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6109",
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6109.json"
}
],
"title": "Red Hat Bug Fix Advisory: MTV 2.4.3 Images",
"tracking": {
"current_release_date": "2026-06-04T04:29:30+00:00",
"generator": {
"date": "2026-06-04T04:29:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:6109",
"initial_release_date": "2023-10-25T12:32:35+00:00",
"revision_history": [
{
"date": "2023-10-25T12:32:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-25T12:32:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-MTV-2.4",
"product": {
"name": "8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "8Base-MTV-2.4",
"product": {
"name": "8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product_id": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-api-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product_id": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-console-plugin-rhel9\u0026tag=2.4.3-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product_id": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-controller-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-api-rhel8\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product_id": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-must-gather-rhel8\u0026tag=2.4.3-6"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product_id": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-openstack-populator-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product_id": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-operator-bundle\u0026tag=2.4.3-12"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhel8-operator\u0026tag=2.4.3-3"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product_id": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-populator-controller-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product_id": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-rhv-populator-rhel8\u0026tag=2.4.3-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product_id": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-ui-rhel8\u0026tag=2.4.3-2"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product_id": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-validation-rhel9\u0026tag=2.4.3-5"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-rhel9\u0026tag=2.4.3-4"
}
}
},
{
"category": "product_version",
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product_id": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c?arch=amd64\u0026repository_url=registry.redhat.io/migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8\u0026tag=2.4.3-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64 as a component of 8Base-MTV-2.4",
"product_id": "8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"relates_to_product_reference": "8Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64 as a component of 8Base-MTV-2.4",
"product_id": "9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
},
"product_reference": "migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64",
"relates_to_product_reference": "9Base-MTV-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-3978",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim\u0027s web browser within the security context of the hosting website once the URL is clicked. The flaw allows an attacker to steal the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Cross site scripting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3978"
},
{
"category": "external",
"summary": "RHBZ#2228689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3978"
},
{
"category": "external",
"summary": "https://go.dev/cl/514896",
"url": "https://go.dev/cl/514896"
},
{
"category": "external",
"summary": "https://go.dev/issue/61615",
"url": "https://go.dev/issue/61615"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1988",
"url": "https://pkg.go.dev/vuln/GO-2023-1988"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Cross site scripting"
},
{
"cve": "CVE-2023-24534",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "RHBZ#2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
},
{
"category": "external",
"summary": "https://go.dev/issue/58975",
"url": "https://go.dev/issue/58975"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
},
{
"cve": "CVE-2023-24536",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses Go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not-affected.\n* The CVE refers to multipart form parsing routine mime/multipart.Reader.ReadForm, which is not used in Grafana, hence it is not-affected.\n* Butane does not parse multipart forms, hence, it is also not-affected.\nRedhat has marked this vulnerability as moderate as this vulnerability could lead to a potential denial of service when all the resource of a system is consumed which is technically not a clear case of denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24536"
},
{
"category": "external",
"summary": "RHBZ#2184482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536"
},
{
"category": "external",
"summary": "https://go.dev/issue/59153",
"url": "https://go.dev/issue/59153"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-24537",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: go/parser: Infinite loop in parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Moderate because it allows denial of service condition in Go\u2019s source code parser when processing specially crafted input containing //line directives with excessively large line numbers. Exploitation can cause the parser to enter an infinite loop, consuming CPU resources and rendering services unresponsive. While this issue does not permit code execution or data access, it poses a significant availability impact for systems processing untrusted Go source input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24537"
},
{
"category": "external",
"summary": "RHBZ#2184484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59180",
"url": "https://github.com/golang/go/issues/59180"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "To mitigate this issue, upgrade Go to version 1.19.8, 1.20.3, or later, where the vulnerability has been addressed.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: go/parser: Infinite loop in parsing"
},
{
"cve": "CVE-2023-24538",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184481"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: backticks not treated as string delimiters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The described issue involving Go templates and JavaScript template literals poses a moderate severity rather than an important one due to several mitigating factors. Firstly, the vulnerability requires specific conditions to be met: the presence of Go templates within JavaScript template literals. This limits the scope of affected codebases, reducing the likelihood of exploitation. Additionally, the decision to disallow such interactions in future releases of Go indicates a proactive approach to addressing the issue. Furthermore, the affected packages or components within Red Hat Enterprise Linux, such as Conmon, Grafana, and the RHC package, have been assessed and determined not to be impacted due to their specific usage patterns. So the limited scope of affected systems and the absence of exploitation vectors in specific components within Red Hat Enterprise Linux contribute to categorizing the severity of the issue as moderate.\n\nFor Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* The rhc package do not make use of html/template. Hence, it is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24538"
},
{
"category": "external",
"summary": "RHBZ#2184481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59234",
"url": "https://github.com/golang/go/issues/59234"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: backticks not treated as string delimiters"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24539",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196026"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang where angle brackets (\u003c\u003e) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a \u0027/\u0027 character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper sanitization of CSS values",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore, the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24539"
},
{
"category": "external",
"summary": "RHBZ#2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59720",
"url": "https://github.com/golang/go/issues/59720"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper sanitization of CSS values"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-29400",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196029"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, \"attr={{.}}\") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of empty HTML attributes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn OpenShift Container Platform and Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users, reducing the impact to low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29400"
},
{
"category": "external",
"summary": "RHBZ#2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400"
},
{
"category": "external",
"summary": "https://go.dev/issue/59722",
"url": "https://go.dev/issue/59722"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of empty HTML attributes"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
],
"known_not_affected": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-25T12:32:35+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\n https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6109"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-api-rhel8@sha256:afc08bab3b5b19bcd4003819d4e1bc1c9c3faf71370154ee1695c9a3a6192223_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-must-gather-rhel8@sha256:0b766d8e51580920d3b558eaac237b39b70f890127adaac34177aff1b97596fa_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhel8-operator@sha256:30cea757cbe41f54ecfd59320ea92351e1209f5646c7346d7d7563e383e988bb_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-rhv-populator-rhel8@sha256:f1c946eb52c6464db8a68cd4c6b61b6df145c68aef4a4858651076ba27d5c40b_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-ui-rhel8@sha256:f872479bcfbf35cae89eb3c95005067b8e64aca090cc058c4e4a1f0db56df9ff_amd64",
"8Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-warm-rhel8@sha256:c8a7ee4f36ffc0206d614ad47ce95a13aacdf80a47e1ea7209e0f9824914c36c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-api-rhel9@sha256:61de05b8dffe208fb8d4c00aed8bba71a4e428f74cc06b936debfbe4fb640747_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-console-plugin-rhel9@sha256:3022d96f38b8900d1b545cbf045f96816194bfba917f08c2e67758f7928acf2c_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-controller-rhel9@sha256:c9b7db0c74e38e5f028b3b72066892c96b6f684575d395a197a0826c09d96e1d_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-openstack-populator-rhel9@sha256:cb8d1bc7320c4ba9caa1d3bb45e48c6d1d2b71799f5dc466c5de8b87579d0c63_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-operator-bundle@sha256:f3172be67364c2a3a5acc25976759e91643c30dfa4d034ea39884ce2be084741_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-populator-controller-rhel9@sha256:4bbec09dfd8021e9cf676f1fb85a0a3f168845b91421afa5ded7983a3561d301_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-validation-rhel9@sha256:8d9947ca76642dacb58290203f5ad003f7ca4f1a5a075ac584ab9e27018a0eed_amd64",
"9Base-MTV-2.4:migration-toolkit-virtualization/mtv-virt-v2v-rhel9@sha256:7ecf4ffb01ccf2cd92fa96407bca9e5b6054e3b5033ada74c98e00dca163d1f7_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6254
Vulnerability from csaf_redhat - Published: 2023-11-02 00:10 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform Assisted Installer version 2.26.1 release
Severity
Important
Notes
Topic: Assisted Installer version 2.26.1 is now available for Red Hat OpenShift Container Platform.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform related to the Assisted Installer.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Assisted Installer version 2.26.1 is now available for Red Hat OpenShift Container Platform.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform related to the Assisted Installer.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6254",
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "external",
"summary": "MGMT-13692",
"url": "https://issues.redhat.com/browse/MGMT-13692"
},
{
"category": "external",
"summary": "MGMT-15984",
"url": "https://issues.redhat.com/browse/MGMT-15984"
},
{
"category": "external",
"summary": "MGMT-16011",
"url": "https://issues.redhat.com/browse/MGMT-16011"
},
{
"category": "external",
"summary": "MGMT-16037",
"url": "https://issues.redhat.com/browse/MGMT-16037"
},
{
"category": "external",
"summary": "MGMT-16039",
"url": "https://issues.redhat.com/browse/MGMT-16039"
},
{
"category": "external",
"summary": "MGMT-16045",
"url": "https://issues.redhat.com/browse/MGMT-16045"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6254.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform Assisted Installer version 2.26.1 release",
"tracking": {
"current_release_date": "2026-06-04T04:29:31+00:00",
"generator": {
"date": "2026-06-04T04:29:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:6254",
"initial_release_date": "2023-11-02T00:10:43+00:00",
"revision_history": [
{
"date": "2023-11-02T00:10:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-02T00:10:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Assisted Installer 2.0",
"product": {
"name": "Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:assisted_installer:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562?arch=arm64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7?arch=s390x\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product_id": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-agent-rhel8\u0026tag=v1.0.0-292"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product_id": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product_id": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"product_identification_helper": {
"purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251?arch=amd64\u0026repository_url=registry.redhat.io/rhai-tech-preview/assisted-installer-reporter-rhel8\u0026tag=v1.0.0-375"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64 as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"relates_to_product_reference": "8Base-RHAI-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le as a component of Red Hat Assisted Installer 2.0",
"product_id": "8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
},
"product_reference": "rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le",
"relates_to_product_reference": "8Base-RHAI-2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"known_not_affected": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-02T00:10:43+00:00",
"details": "For OpenShift Container Platform 4.14, see the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"known_not_affected": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-02T00:10:43+00:00",
"details": "For OpenShift Container Platform 4.14, see the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6254"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:84e3c5280d8c0629324b3fbe9e82ac21c7f464a6f64ccb3a6155b24c37bf9040_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:9310948fdff425c553994efbc1d5ecac61ca9a4b2236e4f2d4bcf1805a3ff983_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:aac4a97cf6e5d6956e31336b1e19a7006a6a88dbd3bd96e6ba331bd59085e2ce_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-agent-rhel8@sha256:c6ee2abb6cca7244a282b8e6b3235e8df8b2864d39fe19919cb3db9047acb943_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:323987cc958f26387ebc08a488478e05d634fadc92fc9bf01a3027126b19e251_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:a404b59ec107bc7c1c7d9d19251d44136daf1c3ced06d8f2847fdf0451778562_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:c102491e8a8b7b8a40e09a9206cc3291cecedf5ab13ec1ef9cf3fcdeb1ff00b7_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-reporter-rhel8@sha256:d87f95f5c685d893fc10b447345964a16731fe5bb2b95dc5a5494c7fc7f0d37c_ppc64le",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:6f242c9c58eb6b963043634deb588c7650b4d9d920b552875cc38c7339dbe971_arm64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:87d17df6b11851fc76fc59baeb116f9b0476e295df7ae4a19dcc4cba28884450_s390x",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:daec8e0db2c276cd52a80115da4a52715f27584ea0d699ba9583786dfae2bf3b_amd64",
"8Base-RHAI-2.0:rhai-tech-preview/assisted-installer-rhel8@sha256:e74ce2a65fefa286b1583aaad613736035c7052fe8d4bf53d315365c61696dba_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2023:6863
Vulnerability from csaf_redhat - Published: 2023-11-09 18:33 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: LVMS 4.14.z Bug Fix and Enhancement update
Severity
Important
Notes
Topic: Updated container images that fix multiple bugs are now available
for LVMS 4.14.z.
Details: Logical volume manager storage (LVMS) uses the TopoLVM CSI driver to
dynamically provision local storage on single node OpenShift clusters.
Logical volume manager storage creates thin-provisioned volumes using the
Logical Volume Manager and provides dynamic provisioning of block storage
on a single node OpenShift cluster with limited resources.
Users of LVMS are advised to upgrade to the latest version of the LVMS in
OpenShift Container Platform, which fixes these bugs and adds these
enhancements.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated container images that fix multiple bugs are now available\nfor LVMS 4.14.z.",
"title": "Topic"
},
{
"category": "general",
"text": "Logical volume manager storage (LVMS) uses the TopoLVM CSI driver to\ndynamically provision local storage on single node OpenShift clusters.\n\nLogical volume manager storage creates thin-provisioned volumes using the\nLogical Volume Manager and provides dynamic provisioning of block storage\non a single node OpenShift cluster with limited resources.\n\nUsers of LVMS are advised to upgrade to the latest version of the LVMS in\nOpenShift Container Platform, which fixes these bugs and adds these\nenhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6863",
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "external",
"summary": "OCPBUGS-17180",
"url": "https://issues.redhat.com/browse/OCPBUGS-17180"
},
{
"category": "external",
"summary": "OCPEDGE-591",
"url": "https://issues.redhat.com/browse/OCPEDGE-591"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6863.json"
}
],
"title": "Red Hat Bug Fix Advisory: LVMS 4.14.z Bug Fix and Enhancement update",
"tracking": {
"current_release_date": "2026-06-04T04:29:32+00:00",
"generator": {
"date": "2026-06-04T04:29:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2023:6863",
"initial_release_date": "2023-11-09T18:33:40+00:00",
"revision_history": [
{
"date": "2023-11-09T18:33:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-09T18:33:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "LVMS 4.14 for RHEL 9",
"product": {
"name": "LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:lvms:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "logical volume manager storage"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product_id": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product_id": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product_id": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4?arch=amd64\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product_id": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product_id": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product_id": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349?arch=ppc64le\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product_id": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product_id": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product_id": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633?arch=s390x\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product_id": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-must-gather-rhel9\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product": {
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product_id": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-operator-bundle\u0026tag=v4.14.1-4"
}
}
},
{
"category": "product_version",
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product": {
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product_id": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/lvms-rhel9-operator\u0026tag=v4.14.1-3"
}
}
},
{
"category": "product_version",
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product": {
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product_id": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"product_identification_helper": {
"purl": "pkg:oci/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34?arch=arm64\u0026repository_url=registry.redhat.io/lvms4/topolvm-rhel9\u0026tag=v4.14.1-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64"
},
"product_reference": "lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le"
},
"product_reference": "lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
},
"product_reference": "lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64 as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"relates_to_product_reference": "9Base-LVMS-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le as a component of LVMS 4.14 for RHEL 9",
"product_id": "9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
},
"product_reference": "lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le",
"relates_to_product_reference": "9Base-LVMS-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"known_not_affected": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-09T18:33:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"known_not_affected": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-09T18:33:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6863"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:3abc7f735860ae910e9fcd5d1e419af66911ebd6a502ad85c2e2753536749cdb_s390x",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:a83ab3e4e4174243bba1fbe96052ec8a5f0c4c5f74d8ecb04f5647796736f348_arm64",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:bfaee17835e1411c3e916e992a510641d2ddaaa2a4a85243b6f27fec541eae3a_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-must-gather-rhel9@sha256:e21c0af48138064f6904e2fb459b76239c9f3e1dffddac5dfc55e0f38eea5559_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:0523ba33f11bf19e68a53ca564e78132d0ac5f819ac3cf52cbac0b5cc426053d_arm64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:8f9e651d7cbfd546991f05a5e05ac8331fbd5ec676f227e12bb13f2f4fd670d3_s390x",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:b67d52a00937fb779cc98c18c1d8d21797363b19b6f4da04c1df0508698ac7cd_amd64",
"9Base-LVMS-4.14:lvms4/lvms-operator-bundle@sha256:c683e4da500bbb8753b184e43377bf7525fb6ffb20750a6695973025d3bce221_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:73c2e385e0d1c1e120362af30c9fa161975b47307e4c771468365b7a3a3a365a_arm64",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:7c0183f3a8d40a6e24e3f5ae28dbeecea7f09e866b8704a70b676639835d12af_s390x",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:9c47279574868a772f7d14d9de8da670df5101287a5486347b9bd00586e78c17_ppc64le",
"9Base-LVMS-4.14:lvms4/lvms-rhel9-operator@sha256:a3cdbde1cbc51deb706c99935de6737bda7ef1b4f54fc3ba59a18696285c9a6c_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:0897e589f2dd003f58e09ce1fef3288cc3f682a24096f0991b3dfdd217ff5c34_arm64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:cd9546b5a46c6e36327a972f26938d8cdc734649d61ed02648eed33dd29d9633_s390x",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:e97314d049510baa9d1021ac848f0826be1310cc870e6bd57aa3ef41cf8a0cc4_amd64",
"9Base-LVMS-4.14:lvms4/topolvm-rhel9@sha256:edb27e93b14212d79c959a1a325310d31496f53fac846049393f25ea18ec1349_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHBA-2024:0599
Vulnerability from csaf_redhat - Published: 2024-01-30 13:46 - Updated: 2026-06-04 04:29Summary
Red Hat Bug Fix Advisory: Migration Toolkit for Applications bug fix and enhancement update
Severity
Important
Notes
Topic: Migration Toolkit for Applications 7.0.0 release
Details: Migration Toolkit for Applications 7.0.0 Images
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
285 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Migration Toolkit for Applications 7.0.0 release",
"title": "Topic"
},
{
"category": "general",
"text": "Migration Toolkit for Applications 7.0.0 Images",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2024:0599",
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "external",
"summary": "MTA-1014",
"url": "https://issues.redhat.com/browse/MTA-1014"
},
{
"category": "external",
"summary": "MTA-1019",
"url": "https://issues.redhat.com/browse/MTA-1019"
},
{
"category": "external",
"summary": "MTA-1024",
"url": "https://issues.redhat.com/browse/MTA-1024"
},
{
"category": "external",
"summary": "MTA-1047",
"url": "https://issues.redhat.com/browse/MTA-1047"
},
{
"category": "external",
"summary": "MTA-1130",
"url": "https://issues.redhat.com/browse/MTA-1130"
},
{
"category": "external",
"summary": "MTA-1155",
"url": "https://issues.redhat.com/browse/MTA-1155"
},
{
"category": "external",
"summary": "MTA-1175",
"url": "https://issues.redhat.com/browse/MTA-1175"
},
{
"category": "external",
"summary": "MTA-1183",
"url": "https://issues.redhat.com/browse/MTA-1183"
},
{
"category": "external",
"summary": "MTA-1185",
"url": "https://issues.redhat.com/browse/MTA-1185"
},
{
"category": "external",
"summary": "MTA-1195",
"url": "https://issues.redhat.com/browse/MTA-1195"
},
{
"category": "external",
"summary": "MTA-1196",
"url": "https://issues.redhat.com/browse/MTA-1196"
},
{
"category": "external",
"summary": "MTA-1197",
"url": "https://issues.redhat.com/browse/MTA-1197"
},
{
"category": "external",
"summary": "MTA-1203",
"url": "https://issues.redhat.com/browse/MTA-1203"
},
{
"category": "external",
"summary": "MTA-1207",
"url": "https://issues.redhat.com/browse/MTA-1207"
},
{
"category": "external",
"summary": "MTA-1247",
"url": "https://issues.redhat.com/browse/MTA-1247"
},
{
"category": "external",
"summary": "MTA-1249",
"url": "https://issues.redhat.com/browse/MTA-1249"
},
{
"category": "external",
"summary": "MTA-1250",
"url": "https://issues.redhat.com/browse/MTA-1250"
},
{
"category": "external",
"summary": "MTA-1251",
"url": "https://issues.redhat.com/browse/MTA-1251"
},
{
"category": "external",
"summary": "MTA-1252",
"url": "https://issues.redhat.com/browse/MTA-1252"
},
{
"category": "external",
"summary": "MTA-1256",
"url": "https://issues.redhat.com/browse/MTA-1256"
},
{
"category": "external",
"summary": "MTA-1258",
"url": "https://issues.redhat.com/browse/MTA-1258"
},
{
"category": "external",
"summary": "MTA-1259",
"url": "https://issues.redhat.com/browse/MTA-1259"
},
{
"category": "external",
"summary": "MTA-1262",
"url": "https://issues.redhat.com/browse/MTA-1262"
},
{
"category": "external",
"summary": "MTA-1263",
"url": "https://issues.redhat.com/browse/MTA-1263"
},
{
"category": "external",
"summary": "MTA-1264",
"url": "https://issues.redhat.com/browse/MTA-1264"
},
{
"category": "external",
"summary": "MTA-1266",
"url": "https://issues.redhat.com/browse/MTA-1266"
},
{
"category": "external",
"summary": "MTA-1268",
"url": "https://issues.redhat.com/browse/MTA-1268"
},
{
"category": "external",
"summary": "MTA-1269",
"url": "https://issues.redhat.com/browse/MTA-1269"
},
{
"category": "external",
"summary": "MTA-1271",
"url": "https://issues.redhat.com/browse/MTA-1271"
},
{
"category": "external",
"summary": "MTA-1279",
"url": "https://issues.redhat.com/browse/MTA-1279"
},
{
"category": "external",
"summary": "MTA-1281",
"url": "https://issues.redhat.com/browse/MTA-1281"
},
{
"category": "external",
"summary": "MTA-1283",
"url": "https://issues.redhat.com/browse/MTA-1283"
},
{
"category": "external",
"summary": "MTA-1284",
"url": "https://issues.redhat.com/browse/MTA-1284"
},
{
"category": "external",
"summary": "MTA-1286",
"url": "https://issues.redhat.com/browse/MTA-1286"
},
{
"category": "external",
"summary": "MTA-1288",
"url": "https://issues.redhat.com/browse/MTA-1288"
},
{
"category": "external",
"summary": "MTA-1292",
"url": "https://issues.redhat.com/browse/MTA-1292"
},
{
"category": "external",
"summary": "MTA-1293",
"url": "https://issues.redhat.com/browse/MTA-1293"
},
{
"category": "external",
"summary": "MTA-1294",
"url": "https://issues.redhat.com/browse/MTA-1294"
},
{
"category": "external",
"summary": "MTA-1295",
"url": "https://issues.redhat.com/browse/MTA-1295"
},
{
"category": "external",
"summary": "MTA-1296",
"url": "https://issues.redhat.com/browse/MTA-1296"
},
{
"category": "external",
"summary": "MTA-1297",
"url": "https://issues.redhat.com/browse/MTA-1297"
},
{
"category": "external",
"summary": "MTA-1298",
"url": "https://issues.redhat.com/browse/MTA-1298"
},
{
"category": "external",
"summary": "MTA-1299",
"url": "https://issues.redhat.com/browse/MTA-1299"
},
{
"category": "external",
"summary": "MTA-1300",
"url": "https://issues.redhat.com/browse/MTA-1300"
},
{
"category": "external",
"summary": "MTA-1302",
"url": "https://issues.redhat.com/browse/MTA-1302"
},
{
"category": "external",
"summary": "MTA-1303",
"url": "https://issues.redhat.com/browse/MTA-1303"
},
{
"category": "external",
"summary": "MTA-1304",
"url": "https://issues.redhat.com/browse/MTA-1304"
},
{
"category": "external",
"summary": "MTA-1305",
"url": "https://issues.redhat.com/browse/MTA-1305"
},
{
"category": "external",
"summary": "MTA-1306",
"url": "https://issues.redhat.com/browse/MTA-1306"
},
{
"category": "external",
"summary": "MTA-1307",
"url": "https://issues.redhat.com/browse/MTA-1307"
},
{
"category": "external",
"summary": "MTA-1309",
"url": "https://issues.redhat.com/browse/MTA-1309"
},
{
"category": "external",
"summary": "MTA-1310",
"url": "https://issues.redhat.com/browse/MTA-1310"
},
{
"category": "external",
"summary": "MTA-1311",
"url": "https://issues.redhat.com/browse/MTA-1311"
},
{
"category": "external",
"summary": "MTA-1312",
"url": "https://issues.redhat.com/browse/MTA-1312"
},
{
"category": "external",
"summary": "MTA-1314",
"url": "https://issues.redhat.com/browse/MTA-1314"
},
{
"category": "external",
"summary": "MTA-1315",
"url": "https://issues.redhat.com/browse/MTA-1315"
},
{
"category": "external",
"summary": "MTA-1316",
"url": "https://issues.redhat.com/browse/MTA-1316"
},
{
"category": "external",
"summary": "MTA-1317",
"url": "https://issues.redhat.com/browse/MTA-1317"
},
{
"category": "external",
"summary": "MTA-1320",
"url": "https://issues.redhat.com/browse/MTA-1320"
},
{
"category": "external",
"summary": "MTA-1322",
"url": "https://issues.redhat.com/browse/MTA-1322"
},
{
"category": "external",
"summary": "MTA-1323",
"url": "https://issues.redhat.com/browse/MTA-1323"
},
{
"category": "external",
"summary": "MTA-1324",
"url": "https://issues.redhat.com/browse/MTA-1324"
},
{
"category": "external",
"summary": "MTA-1326",
"url": "https://issues.redhat.com/browse/MTA-1326"
},
{
"category": "external",
"summary": "MTA-1327",
"url": "https://issues.redhat.com/browse/MTA-1327"
},
{
"category": "external",
"summary": "MTA-1328",
"url": "https://issues.redhat.com/browse/MTA-1328"
},
{
"category": "external",
"summary": "MTA-1329",
"url": "https://issues.redhat.com/browse/MTA-1329"
},
{
"category": "external",
"summary": "MTA-1330",
"url": "https://issues.redhat.com/browse/MTA-1330"
},
{
"category": "external",
"summary": "MTA-1333",
"url": "https://issues.redhat.com/browse/MTA-1333"
},
{
"category": "external",
"summary": "MTA-1334",
"url": "https://issues.redhat.com/browse/MTA-1334"
},
{
"category": "external",
"summary": "MTA-1337",
"url": "https://issues.redhat.com/browse/MTA-1337"
},
{
"category": "external",
"summary": "MTA-1338",
"url": "https://issues.redhat.com/browse/MTA-1338"
},
{
"category": "external",
"summary": "MTA-1339",
"url": "https://issues.redhat.com/browse/MTA-1339"
},
{
"category": "external",
"summary": "MTA-1340",
"url": "https://issues.redhat.com/browse/MTA-1340"
},
{
"category": "external",
"summary": "MTA-1341",
"url": "https://issues.redhat.com/browse/MTA-1341"
},
{
"category": "external",
"summary": "MTA-1343",
"url": "https://issues.redhat.com/browse/MTA-1343"
},
{
"category": "external",
"summary": "MTA-1344",
"url": "https://issues.redhat.com/browse/MTA-1344"
},
{
"category": "external",
"summary": "MTA-1345",
"url": "https://issues.redhat.com/browse/MTA-1345"
},
{
"category": "external",
"summary": "MTA-1346",
"url": "https://issues.redhat.com/browse/MTA-1346"
},
{
"category": "external",
"summary": "MTA-1347",
"url": "https://issues.redhat.com/browse/MTA-1347"
},
{
"category": "external",
"summary": "MTA-1348",
"url": "https://issues.redhat.com/browse/MTA-1348"
},
{
"category": "external",
"summary": "MTA-1349",
"url": "https://issues.redhat.com/browse/MTA-1349"
},
{
"category": "external",
"summary": "MTA-1350",
"url": "https://issues.redhat.com/browse/MTA-1350"
},
{
"category": "external",
"summary": "MTA-1351",
"url": "https://issues.redhat.com/browse/MTA-1351"
},
{
"category": "external",
"summary": "MTA-1362",
"url": "https://issues.redhat.com/browse/MTA-1362"
},
{
"category": "external",
"summary": "MTA-1364",
"url": "https://issues.redhat.com/browse/MTA-1364"
},
{
"category": "external",
"summary": "MTA-1366",
"url": "https://issues.redhat.com/browse/MTA-1366"
},
{
"category": "external",
"summary": "MTA-1367",
"url": "https://issues.redhat.com/browse/MTA-1367"
},
{
"category": "external",
"summary": "MTA-1368",
"url": "https://issues.redhat.com/browse/MTA-1368"
},
{
"category": "external",
"summary": "MTA-1369",
"url": "https://issues.redhat.com/browse/MTA-1369"
},
{
"category": "external",
"summary": "MTA-1377",
"url": "https://issues.redhat.com/browse/MTA-1377"
},
{
"category": "external",
"summary": "MTA-1378",
"url": "https://issues.redhat.com/browse/MTA-1378"
},
{
"category": "external",
"summary": "MTA-1379",
"url": "https://issues.redhat.com/browse/MTA-1379"
},
{
"category": "external",
"summary": "MTA-1381",
"url": "https://issues.redhat.com/browse/MTA-1381"
},
{
"category": "external",
"summary": "MTA-1382",
"url": "https://issues.redhat.com/browse/MTA-1382"
},
{
"category": "external",
"summary": "MTA-1383",
"url": "https://issues.redhat.com/browse/MTA-1383"
},
{
"category": "external",
"summary": "MTA-1384",
"url": "https://issues.redhat.com/browse/MTA-1384"
},
{
"category": "external",
"summary": "MTA-1385",
"url": "https://issues.redhat.com/browse/MTA-1385"
},
{
"category": "external",
"summary": "MTA-1386",
"url": "https://issues.redhat.com/browse/MTA-1386"
},
{
"category": "external",
"summary": "MTA-1387",
"url": "https://issues.redhat.com/browse/MTA-1387"
},
{
"category": "external",
"summary": "MTA-1389",
"url": "https://issues.redhat.com/browse/MTA-1389"
},
{
"category": "external",
"summary": "MTA-1391",
"url": "https://issues.redhat.com/browse/MTA-1391"
},
{
"category": "external",
"summary": "MTA-1393",
"url": "https://issues.redhat.com/browse/MTA-1393"
},
{
"category": "external",
"summary": "MTA-1394",
"url": "https://issues.redhat.com/browse/MTA-1394"
},
{
"category": "external",
"summary": "MTA-1396",
"url": "https://issues.redhat.com/browse/MTA-1396"
},
{
"category": "external",
"summary": "MTA-1397",
"url": "https://issues.redhat.com/browse/MTA-1397"
},
{
"category": "external",
"summary": "MTA-1402",
"url": "https://issues.redhat.com/browse/MTA-1402"
},
{
"category": "external",
"summary": "MTA-1405",
"url": "https://issues.redhat.com/browse/MTA-1405"
},
{
"category": "external",
"summary": "MTA-1407",
"url": "https://issues.redhat.com/browse/MTA-1407"
},
{
"category": "external",
"summary": "MTA-1419",
"url": "https://issues.redhat.com/browse/MTA-1419"
},
{
"category": "external",
"summary": "MTA-1420",
"url": "https://issues.redhat.com/browse/MTA-1420"
},
{
"category": "external",
"summary": "MTA-1422",
"url": "https://issues.redhat.com/browse/MTA-1422"
},
{
"category": "external",
"summary": "MTA-1423",
"url": "https://issues.redhat.com/browse/MTA-1423"
},
{
"category": "external",
"summary": "MTA-1424",
"url": "https://issues.redhat.com/browse/MTA-1424"
},
{
"category": "external",
"summary": "MTA-1425",
"url": "https://issues.redhat.com/browse/MTA-1425"
},
{
"category": "external",
"summary": "MTA-1426",
"url": "https://issues.redhat.com/browse/MTA-1426"
},
{
"category": "external",
"summary": "MTA-1432",
"url": "https://issues.redhat.com/browse/MTA-1432"
},
{
"category": "external",
"summary": "MTA-1434",
"url": "https://issues.redhat.com/browse/MTA-1434"
},
{
"category": "external",
"summary": "MTA-1437",
"url": "https://issues.redhat.com/browse/MTA-1437"
},
{
"category": "external",
"summary": "MTA-1438",
"url": "https://issues.redhat.com/browse/MTA-1438"
},
{
"category": "external",
"summary": "MTA-1449",
"url": "https://issues.redhat.com/browse/MTA-1449"
},
{
"category": "external",
"summary": "MTA-1450",
"url": "https://issues.redhat.com/browse/MTA-1450"
},
{
"category": "external",
"summary": "MTA-1451",
"url": "https://issues.redhat.com/browse/MTA-1451"
},
{
"category": "external",
"summary": "MTA-1452",
"url": "https://issues.redhat.com/browse/MTA-1452"
},
{
"category": "external",
"summary": "MTA-1453",
"url": "https://issues.redhat.com/browse/MTA-1453"
},
{
"category": "external",
"summary": "MTA-1455",
"url": "https://issues.redhat.com/browse/MTA-1455"
},
{
"category": "external",
"summary": "MTA-1456",
"url": "https://issues.redhat.com/browse/MTA-1456"
},
{
"category": "external",
"summary": "MTA-1458",
"url": "https://issues.redhat.com/browse/MTA-1458"
},
{
"category": "external",
"summary": "MTA-1459",
"url": "https://issues.redhat.com/browse/MTA-1459"
},
{
"category": "external",
"summary": "MTA-1465",
"url": "https://issues.redhat.com/browse/MTA-1465"
},
{
"category": "external",
"summary": "MTA-1466",
"url": "https://issues.redhat.com/browse/MTA-1466"
},
{
"category": "external",
"summary": "MTA-1467",
"url": "https://issues.redhat.com/browse/MTA-1467"
},
{
"category": "external",
"summary": "MTA-1476",
"url": "https://issues.redhat.com/browse/MTA-1476"
},
{
"category": "external",
"summary": "MTA-1477",
"url": "https://issues.redhat.com/browse/MTA-1477"
},
{
"category": "external",
"summary": "MTA-1487",
"url": "https://issues.redhat.com/browse/MTA-1487"
},
{
"category": "external",
"summary": "MTA-1489",
"url": "https://issues.redhat.com/browse/MTA-1489"
},
{
"category": "external",
"summary": "MTA-1504",
"url": "https://issues.redhat.com/browse/MTA-1504"
},
{
"category": "external",
"summary": "MTA-1505",
"url": "https://issues.redhat.com/browse/MTA-1505"
},
{
"category": "external",
"summary": "MTA-1506",
"url": "https://issues.redhat.com/browse/MTA-1506"
},
{
"category": "external",
"summary": "MTA-1532",
"url": "https://issues.redhat.com/browse/MTA-1532"
},
{
"category": "external",
"summary": "MTA-1542",
"url": "https://issues.redhat.com/browse/MTA-1542"
},
{
"category": "external",
"summary": "MTA-1543",
"url": "https://issues.redhat.com/browse/MTA-1543"
},
{
"category": "external",
"summary": "MTA-1545",
"url": "https://issues.redhat.com/browse/MTA-1545"
},
{
"category": "external",
"summary": "MTA-1576",
"url": "https://issues.redhat.com/browse/MTA-1576"
},
{
"category": "external",
"summary": "MTA-1584",
"url": "https://issues.redhat.com/browse/MTA-1584"
},
{
"category": "external",
"summary": "MTA-1585",
"url": "https://issues.redhat.com/browse/MTA-1585"
},
{
"category": "external",
"summary": "MTA-1592",
"url": "https://issues.redhat.com/browse/MTA-1592"
},
{
"category": "external",
"summary": "MTA-1598",
"url": "https://issues.redhat.com/browse/MTA-1598"
},
{
"category": "external",
"summary": "MTA-1599",
"url": "https://issues.redhat.com/browse/MTA-1599"
},
{
"category": "external",
"summary": "MTA-1600",
"url": "https://issues.redhat.com/browse/MTA-1600"
},
{
"category": "external",
"summary": "MTA-1605",
"url": "https://issues.redhat.com/browse/MTA-1605"
},
{
"category": "external",
"summary": "MTA-1606",
"url": "https://issues.redhat.com/browse/MTA-1606"
},
{
"category": "external",
"summary": "MTA-1611",
"url": "https://issues.redhat.com/browse/MTA-1611"
},
{
"category": "external",
"summary": "MTA-1621",
"url": "https://issues.redhat.com/browse/MTA-1621"
},
{
"category": "external",
"summary": "MTA-1622",
"url": "https://issues.redhat.com/browse/MTA-1622"
},
{
"category": "external",
"summary": "MTA-1625",
"url": "https://issues.redhat.com/browse/MTA-1625"
},
{
"category": "external",
"summary": "MTA-1627",
"url": "https://issues.redhat.com/browse/MTA-1627"
},
{
"category": "external",
"summary": "MTA-1628",
"url": "https://issues.redhat.com/browse/MTA-1628"
},
{
"category": "external",
"summary": "MTA-1629",
"url": "https://issues.redhat.com/browse/MTA-1629"
},
{
"category": "external",
"summary": "MTA-1640",
"url": "https://issues.redhat.com/browse/MTA-1640"
},
{
"category": "external",
"summary": "MTA-1644",
"url": "https://issues.redhat.com/browse/MTA-1644"
},
{
"category": "external",
"summary": "MTA-1645",
"url": "https://issues.redhat.com/browse/MTA-1645"
},
{
"category": "external",
"summary": "MTA-1647",
"url": "https://issues.redhat.com/browse/MTA-1647"
},
{
"category": "external",
"summary": "MTA-1649",
"url": "https://issues.redhat.com/browse/MTA-1649"
},
{
"category": "external",
"summary": "MTA-1651",
"url": "https://issues.redhat.com/browse/MTA-1651"
},
{
"category": "external",
"summary": "MTA-1654",
"url": "https://issues.redhat.com/browse/MTA-1654"
},
{
"category": "external",
"summary": "MTA-1661",
"url": "https://issues.redhat.com/browse/MTA-1661"
},
{
"category": "external",
"summary": "MTA-1664",
"url": "https://issues.redhat.com/browse/MTA-1664"
},
{
"category": "external",
"summary": "MTA-1673",
"url": "https://issues.redhat.com/browse/MTA-1673"
},
{
"category": "external",
"summary": "MTA-1674",
"url": "https://issues.redhat.com/browse/MTA-1674"
},
{
"category": "external",
"summary": "MTA-1675",
"url": "https://issues.redhat.com/browse/MTA-1675"
},
{
"category": "external",
"summary": "MTA-1676",
"url": "https://issues.redhat.com/browse/MTA-1676"
},
{
"category": "external",
"summary": "MTA-1677",
"url": "https://issues.redhat.com/browse/MTA-1677"
},
{
"category": "external",
"summary": "MTA-1678",
"url": "https://issues.redhat.com/browse/MTA-1678"
},
{
"category": "external",
"summary": "MTA-1679",
"url": "https://issues.redhat.com/browse/MTA-1679"
},
{
"category": "external",
"summary": "MTA-1680",
"url": "https://issues.redhat.com/browse/MTA-1680"
},
{
"category": "external",
"summary": "MTA-1687",
"url": "https://issues.redhat.com/browse/MTA-1687"
},
{
"category": "external",
"summary": "MTA-1693",
"url": "https://issues.redhat.com/browse/MTA-1693"
},
{
"category": "external",
"summary": "MTA-1694",
"url": "https://issues.redhat.com/browse/MTA-1694"
},
{
"category": "external",
"summary": "MTA-1711",
"url": "https://issues.redhat.com/browse/MTA-1711"
},
{
"category": "external",
"summary": "MTA-1714",
"url": "https://issues.redhat.com/browse/MTA-1714"
},
{
"category": "external",
"summary": "MTA-1715",
"url": "https://issues.redhat.com/browse/MTA-1715"
},
{
"category": "external",
"summary": "MTA-1716",
"url": "https://issues.redhat.com/browse/MTA-1716"
},
{
"category": "external",
"summary": "MTA-1717",
"url": "https://issues.redhat.com/browse/MTA-1717"
},
{
"category": "external",
"summary": "MTA-1719",
"url": "https://issues.redhat.com/browse/MTA-1719"
},
{
"category": "external",
"summary": "MTA-1720",
"url": "https://issues.redhat.com/browse/MTA-1720"
},
{
"category": "external",
"summary": "MTA-1722",
"url": "https://issues.redhat.com/browse/MTA-1722"
},
{
"category": "external",
"summary": "MTA-1723",
"url": "https://issues.redhat.com/browse/MTA-1723"
},
{
"category": "external",
"summary": "MTA-1725",
"url": "https://issues.redhat.com/browse/MTA-1725"
},
{
"category": "external",
"summary": "MTA-1739",
"url": "https://issues.redhat.com/browse/MTA-1739"
},
{
"category": "external",
"summary": "MTA-1740",
"url": "https://issues.redhat.com/browse/MTA-1740"
},
{
"category": "external",
"summary": "MTA-1746",
"url": "https://issues.redhat.com/browse/MTA-1746"
},
{
"category": "external",
"summary": "MTA-1747",
"url": "https://issues.redhat.com/browse/MTA-1747"
},
{
"category": "external",
"summary": "MTA-1749",
"url": "https://issues.redhat.com/browse/MTA-1749"
},
{
"category": "external",
"summary": "MTA-1751",
"url": "https://issues.redhat.com/browse/MTA-1751"
},
{
"category": "external",
"summary": "MTA-1752",
"url": "https://issues.redhat.com/browse/MTA-1752"
},
{
"category": "external",
"summary": "MTA-1753",
"url": "https://issues.redhat.com/browse/MTA-1753"
},
{
"category": "external",
"summary": "MTA-1754",
"url": "https://issues.redhat.com/browse/MTA-1754"
},
{
"category": "external",
"summary": "MTA-1762",
"url": "https://issues.redhat.com/browse/MTA-1762"
},
{
"category": "external",
"summary": "MTA-1779",
"url": "https://issues.redhat.com/browse/MTA-1779"
},
{
"category": "external",
"summary": "MTA-1781",
"url": "https://issues.redhat.com/browse/MTA-1781"
},
{
"category": "external",
"summary": "MTA-1783",
"url": "https://issues.redhat.com/browse/MTA-1783"
},
{
"category": "external",
"summary": "MTA-1787",
"url": "https://issues.redhat.com/browse/MTA-1787"
},
{
"category": "external",
"summary": "MTA-1791",
"url": "https://issues.redhat.com/browse/MTA-1791"
},
{
"category": "external",
"summary": "MTA-1804",
"url": "https://issues.redhat.com/browse/MTA-1804"
},
{
"category": "external",
"summary": "MTA-1805",
"url": "https://issues.redhat.com/browse/MTA-1805"
},
{
"category": "external",
"summary": "MTA-1806",
"url": "https://issues.redhat.com/browse/MTA-1806"
},
{
"category": "external",
"summary": "MTA-1810",
"url": "https://issues.redhat.com/browse/MTA-1810"
},
{
"category": "external",
"summary": "MTA-1812",
"url": "https://issues.redhat.com/browse/MTA-1812"
},
{
"category": "external",
"summary": "MTA-1813",
"url": "https://issues.redhat.com/browse/MTA-1813"
},
{
"category": "external",
"summary": "MTA-1815",
"url": "https://issues.redhat.com/browse/MTA-1815"
},
{
"category": "external",
"summary": "MTA-1826",
"url": "https://issues.redhat.com/browse/MTA-1826"
},
{
"category": "external",
"summary": "MTA-1828",
"url": "https://issues.redhat.com/browse/MTA-1828"
},
{
"category": "external",
"summary": "MTA-1834",
"url": "https://issues.redhat.com/browse/MTA-1834"
},
{
"category": "external",
"summary": "MTA-1835",
"url": "https://issues.redhat.com/browse/MTA-1835"
},
{
"category": "external",
"summary": "MTA-1836",
"url": "https://issues.redhat.com/browse/MTA-1836"
},
{
"category": "external",
"summary": "MTA-1839",
"url": "https://issues.redhat.com/browse/MTA-1839"
},
{
"category": "external",
"summary": "MTA-1840",
"url": "https://issues.redhat.com/browse/MTA-1840"
},
{
"category": "external",
"summary": "MTA-1841",
"url": "https://issues.redhat.com/browse/MTA-1841"
},
{
"category": "external",
"summary": "MTA-1842",
"url": "https://issues.redhat.com/browse/MTA-1842"
},
{
"category": "external",
"summary": "MTA-1843",
"url": "https://issues.redhat.com/browse/MTA-1843"
},
{
"category": "external",
"summary": "MTA-1844",
"url": "https://issues.redhat.com/browse/MTA-1844"
},
{
"category": "external",
"summary": "MTA-1846",
"url": "https://issues.redhat.com/browse/MTA-1846"
},
{
"category": "external",
"summary": "MTA-1858",
"url": "https://issues.redhat.com/browse/MTA-1858"
},
{
"category": "external",
"summary": "MTA-1859",
"url": "https://issues.redhat.com/browse/MTA-1859"
},
{
"category": "external",
"summary": "MTA-1860",
"url": "https://issues.redhat.com/browse/MTA-1860"
},
{
"category": "external",
"summary": "MTA-1867",
"url": "https://issues.redhat.com/browse/MTA-1867"
},
{
"category": "external",
"summary": "MTA-1871",
"url": "https://issues.redhat.com/browse/MTA-1871"
},
{
"category": "external",
"summary": "MTA-1878",
"url": "https://issues.redhat.com/browse/MTA-1878"
},
{
"category": "external",
"summary": "MTA-1879",
"url": "https://issues.redhat.com/browse/MTA-1879"
},
{
"category": "external",
"summary": "MTA-1881",
"url": "https://issues.redhat.com/browse/MTA-1881"
},
{
"category": "external",
"summary": "MTA-1882",
"url": "https://issues.redhat.com/browse/MTA-1882"
},
{
"category": "external",
"summary": "MTA-1883",
"url": "https://issues.redhat.com/browse/MTA-1883"
},
{
"category": "external",
"summary": "MTA-1891",
"url": "https://issues.redhat.com/browse/MTA-1891"
},
{
"category": "external",
"summary": "MTA-1892",
"url": "https://issues.redhat.com/browse/MTA-1892"
},
{
"category": "external",
"summary": "MTA-1893",
"url": "https://issues.redhat.com/browse/MTA-1893"
},
{
"category": "external",
"summary": "MTA-1894",
"url": "https://issues.redhat.com/browse/MTA-1894"
},
{
"category": "external",
"summary": "MTA-1895",
"url": "https://issues.redhat.com/browse/MTA-1895"
},
{
"category": "external",
"summary": "MTA-1900",
"url": "https://issues.redhat.com/browse/MTA-1900"
},
{
"category": "external",
"summary": "MTA-1902",
"url": "https://issues.redhat.com/browse/MTA-1902"
},
{
"category": "external",
"summary": "MTA-1903",
"url": "https://issues.redhat.com/browse/MTA-1903"
},
{
"category": "external",
"summary": "MTA-1905",
"url": "https://issues.redhat.com/browse/MTA-1905"
},
{
"category": "external",
"summary": "MTA-1906",
"url": "https://issues.redhat.com/browse/MTA-1906"
},
{
"category": "external",
"summary": "MTA-1907",
"url": "https://issues.redhat.com/browse/MTA-1907"
},
{
"category": "external",
"summary": "MTA-1908",
"url": "https://issues.redhat.com/browse/MTA-1908"
},
{
"category": "external",
"summary": "MTA-1921",
"url": "https://issues.redhat.com/browse/MTA-1921"
},
{
"category": "external",
"summary": "MTA-1935",
"url": "https://issues.redhat.com/browse/MTA-1935"
},
{
"category": "external",
"summary": "MTA-1940",
"url": "https://issues.redhat.com/browse/MTA-1940"
},
{
"category": "external",
"summary": "MTA-1942",
"url": "https://issues.redhat.com/browse/MTA-1942"
},
{
"category": "external",
"summary": "MTA-1945",
"url": "https://issues.redhat.com/browse/MTA-1945"
},
{
"category": "external",
"summary": "MTA-1947",
"url": "https://issues.redhat.com/browse/MTA-1947"
},
{
"category": "external",
"summary": "MTA-1954",
"url": "https://issues.redhat.com/browse/MTA-1954"
},
{
"category": "external",
"summary": "MTA-1957",
"url": "https://issues.redhat.com/browse/MTA-1957"
},
{
"category": "external",
"summary": "MTA-1966",
"url": "https://issues.redhat.com/browse/MTA-1966"
},
{
"category": "external",
"summary": "MTA-1998",
"url": "https://issues.redhat.com/browse/MTA-1998"
},
{
"category": "external",
"summary": "MTA-2009",
"url": "https://issues.redhat.com/browse/MTA-2009"
},
{
"category": "external",
"summary": "MTA-2042",
"url": "https://issues.redhat.com/browse/MTA-2042"
},
{
"category": "external",
"summary": "MTA-2089",
"url": "https://issues.redhat.com/browse/MTA-2089"
},
{
"category": "external",
"summary": "MTA-393",
"url": "https://issues.redhat.com/browse/MTA-393"
},
{
"category": "external",
"summary": "MTA-466",
"url": "https://issues.redhat.com/browse/MTA-466"
},
{
"category": "external",
"summary": "MTA-473",
"url": "https://issues.redhat.com/browse/MTA-473"
},
{
"category": "external",
"summary": "MTA-696",
"url": "https://issues.redhat.com/browse/MTA-696"
},
{
"category": "external",
"summary": "MTA-701",
"url": "https://issues.redhat.com/browse/MTA-701"
},
{
"category": "external",
"summary": "MTA-742",
"url": "https://issues.redhat.com/browse/MTA-742"
},
{
"category": "external",
"summary": "MTA-748",
"url": "https://issues.redhat.com/browse/MTA-748"
},
{
"category": "external",
"summary": "MTA-810",
"url": "https://issues.redhat.com/browse/MTA-810"
},
{
"category": "external",
"summary": "MTA-849",
"url": "https://issues.redhat.com/browse/MTA-849"
},
{
"category": "external",
"summary": "MTA-991",
"url": "https://issues.redhat.com/browse/MTA-991"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhba-2024_0599.json"
}
],
"title": "Red Hat Bug Fix Advisory: Migration Toolkit for Applications bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-06-04T04:29:33+00:00",
"generator": {
"date": "2026-06-04T04:29:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2024:0599",
"initial_release_date": "2024-01-30T13:46:48+00:00",
"revision_history": [
{
"date": "2024-01-30T13:46:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-30T13:46:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MTA 7.0 for RHEL 9",
"product": {
"name": "MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9"
}
}
},
{
"category": "product_name",
"name": "MTA 7.0 for RHEL 8",
"product": {
"name": "MTA 7.0 for RHEL 8",
"product_id": "8Base-MTA-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el8"
}
}
}
],
"category": "product_family",
"name": "Migration Toolkit for Applications"
},
{
"branches": [
{
"category": "product_version",
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product": {
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product_id": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-addon-rhel9\u0026tag=7.0.0-36"
}
}
},
{
"category": "product_version",
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product": {
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product_id": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-analyzer-lsp-rhel9\u0026tag=7.0.0-22"
}
}
},
{
"category": "product_version",
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product": {
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product_id": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-cli-rhel9\u0026tag=7.0.0-44"
}
}
},
{
"category": "product_version",
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product": {
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product_id": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-hub-rhel9\u0026tag=7.0.0-31"
}
}
},
{
"category": "product_version",
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product": {
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product_id": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-operator-bundle\u0026tag=7.0.0-63"
}
}
},
{
"category": "product_version",
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product": {
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product_id": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-rhel8-operator\u0026tag=7.0.0-13"
}
}
},
{
"category": "product_version",
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product": {
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product_id": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-ui-rhel9\u0026tag=7.0.0-25"
}
}
},
{
"category": "product_version",
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product": {
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product_id": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-windup-shim-rhel9\u0026tag=7.0.0-31"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 as a component of MTA 7.0 for RHEL 8",
"product_id": "8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64"
},
"product_reference": "mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"relates_to_product_reference": "8Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64"
},
"product_reference": "mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64"
},
"product_reference": "mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
},
"product_reference": "mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64"
},
"product_reference": "mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64"
},
"product_reference": "mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64"
},
"product_reference": "mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 as a component of MTA 7.0 for RHEL 9",
"product_id": "9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
},
"product_reference": "mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64",
"relates_to_product_reference": "9Base-MTA-7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"known_not_affected": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:46:48+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"known_not_affected": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:46:48+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:0599"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-MTA-7.0:mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64",
"9Base-MTA-7.0:mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64",
"9Base-MTA-7.0:mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64",
"9Base-MTA-7.0:mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64",
"9Base-MTA-7.0:mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64",
"9Base-MTA-7.0:mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64",
"9Base-MTA-7.0:mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHEA-2023:7235
Vulnerability from csaf_redhat - Published: 2023-11-15 09:45 - Updated: 2026-06-04 04:29Summary
Red Hat Enhancement Advisory: ACS 4.3 enhancement update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes.
Details: Release of ACS 4.3 provides these changes:
New features:
* Increased support for hardware and software
* Vulnerability reporting 2.0 is generally available
* Watch and scan images in Vulnerability Management 2.0
* View administration events information
* Scan images by using the roxctl CLI
* Invite users to your RHACS instance
Notable technical changes:
* When audit logging is enabled, audit log messages now include the source IP address of the audit log request.
* The default policy "Iptables Executed in Privileged Container" has been renamed to "Iptables or nftables Executed in Privileged Container" and now also detects the nft process which is used by nftables.
* Risk reprocessing timing has been shifted to improve system performance by debouncing expensive risk calculations.
For more information on new features and notable technical changes, see the Red Hat Advanced Cluster Security for Kubernetes 4.3 Release Notes.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of ACS 4.3 provides these changes:\n\nNew features:\n\n* Increased support for hardware and software\n* Vulnerability reporting 2.0 is generally available\n* Watch and scan images in Vulnerability Management 2.0\n* View administration events information\n* Scan images by using the roxctl CLI\n* Invite users to your RHACS instance\n\nNotable technical changes:\n\n* When audit logging is enabled, audit log messages now include the source IP address of the audit log request. \n* The default policy \"Iptables Executed in Privileged Container\" has been renamed to \"Iptables or nftables Executed in Privileged Container\" and now also detects the nft process which is used by nftables.\n* Risk reprocessing timing has been shifted to improve system performance by debouncing expensive risk calculations. \n\nFor more information on new features and notable technical changes, see the Red Hat Advanced Cluster Security for Kubernetes 4.3 Release Notes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2023:7235",
"url": "https://access.redhat.com/errata/RHEA-2023:7235"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.3/release_notes/43-release-notes.html",
"url": "https://docs.openshift.com/acs/4.3/release_notes/43-release-notes.html"
},
{
"category": "external",
"summary": "ROX-20653",
"url": "https://issues.redhat.com/browse/ROX-20653"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhea-2023_7235.json"
}
],
"title": "Red Hat Enhancement Advisory: ACS 4.3 enhancement update",
"tracking": {
"current_release_date": "2026-06-04T04:29:33+00:00",
"generator": {
"date": "2026-06-04T04:29:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHEA-2023:7235",
"initial_release_date": "2023-11-15T09:45:23+00:00",
"revision_history": [
{
"date": "2023-11-15T09:45:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-15T09:45:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.3 for RHEL 8",
"product": {
"name": "RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.0-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.0-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.0-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.0-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.0-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.0-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.0-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T09:45:23+00:00",
"details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 4.3, you are advised to upgrade to RHACS 4.3.0.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2023:7235"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-15T09:45:23+00:00",
"details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 4.3, you are advised to upgrade to RHACS 4.3.0.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2023:7235"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3bc1334aaee127fc1574fe596038f32f179c21002de6915f8586d412271b91d0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3cd8fac5bf5766946d8ac21b7c7d3def12c7cad75ef7b713edfe87fb91fd9c35_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6acd2390016479b63d0dd7c3cbe2a08de658743aa5d9ab77a7a5a4203f5b3f47_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:36353dc73df524e874b6e637e96ee66dfafc56445b093ad4209cb55028f64394_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:4a957ae8b2dd2c97230ac46fe7ba5a29f18be265663757ec433e8058fe7781de_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:5ff59bd3c13dcf58fe94d8a51387e8fcc42d70d00541fe79b790b520217540d8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:62935f4547ca279ac7eed8881b8377eb11795195496982033700ec88f00ec35f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e1e02767ed017d12a4a88d823c33a5fd8c8aaafdb892955be98e41350b523f5f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb3b3623a7636da67779f44c04d5a3290824581abd427d60910e609a02bb2eb6_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:7b0b4aed0e1451d0e6133eb4fcde260136713b8d1371251478f713e01efe5bef_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:d5919c766abcc69724a7a292dcc70d5302bf355f6efc5bf3bcdd356e8e05d435_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:efb952d3ef97c51dbe6a90ec5d3601007dc0e28dcfbc87d17be9825d850e65d5_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:43a9ee6780734436b8fd6db4207f43a62e38fab40f53584e7c220d119d1a9249_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:c53b11f138c8d24dd7ebc248c07e4ee031c6c231a143173149e7824b92b54e28_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:ff41517cf745183c940b587be2d25f606ef0d3a5048f9455188d518655dbd85c_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:6d90f15e618405886cc10472f55158359a801e3244574a8267d7694433642957_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:c8e10ca75c96cbb5290f01eadb4f60ad890122d47c004462f0495b0563397715_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:e03805a49a8a7566353e902dab0254f6dc162c72e67d2a8914618c65cdd17f13_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:18e5a750da15d487d7a000994828ca16731181c27f9f962c4c0e49961fb41d78_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2212f7d3213255fc9ff1e16fd9de290cd3a2e483c525f64b02c2ba77b3100fe1_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:38c471b194111d1d10ff8d99eea2a5e6d125f8a9a7df950b2dde887756bfe08e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:39aeda6f5b8d24b722ce30e08511ee5d8f3a5121657a2c52af0af69c1e76d60f_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6178a82fd8c2e13f18f0eaa2edb323b7de9a981d600acffa6c5f6bf98c716722_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ab035bb09504612658cd919290d2e4d6ad02303464fdc2d50d2c87a06bce079f_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:111598796c6d907a9150b85a7d2ad70e22515a77a3e15a671e8b043b00dc3bc4_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4629f400475c0113cbda9bb5230de8676ca84d81f085fa5d92f110344f6188a0_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f5d6ef499ad1095fe9a8e548e35accf6cf018bab11f17c22054a5bb10f4cb288_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:244884cd861c50c1e9b6c0679707d2c0723798580a8d2341a188bcf357ed744c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:48822051f71b61062fb9df9264525121dc20b2b51a2ca3a01779ed9374ff2bb6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:b2757a431be62acbac4fc754850b902f0337f805c4be0c53590dcf275d2d6de3_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7dd7ea0fbda89f80325e7b38d8e3650ae9650ce0ddabb2f60f41984c64ed45cd_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:9c41bee1e96bad79733474ef9193faa5a6e45bbd3fce287111fdee789a52173e_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f326dcd3ac9c3b3b0161d9de9c9d05245af9a68a536e4a58c3ba375935e2f2f4_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHEA-2023:7327
Vulnerability from csaf_redhat - Published: 2023-11-16 12:15 - Updated: 2026-06-04 04:29Summary
Red Hat Enhancement Advisory: Red Hat 3scale API Management 2.13.7 Release - Container Images
Severity
Important
Notes
Topic: Red Hat 3scale API Management 2.13.7 Release - Container Images
Details: Release of 3scale API Management components provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64 | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x | — |
Workaround
|
|
| Unresolved product id: 7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat 3scale API Management 2.13.7 Release - Container Images",
"title": "Topic"
},
{
"category": "general",
"text": "Release of 3scale API Management components provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2023:7327",
"url": "https://access.redhat.com/errata/RHEA-2023:7327"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhea-2023_7327.json"
}
],
"title": "Red Hat Enhancement Advisory: Red Hat 3scale API Management 2.13.7 Release - Container Images",
"tracking": {
"current_release_date": "2026-06-04T04:29:33+00:00",
"generator": {
"date": "2026-06-04T04:29:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHEA-2023:7327",
"initial_release_date": "2023-11-16T12:15:55+00:00",
"revision_history": [
{
"date": "2023-11-16T12:15:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T12:15:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T04:29:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat 3Scale 2.13",
"product": {
"name": "Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:3scale:2.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat 3Scale 2.13",
"product": {
"name": "Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:3scale:2.13::el7"
}
}
}
],
"category": "product_family",
"name": "3scale API Management"
},
{
"branches": [
{
"category": "product_version",
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"product": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"product_id": "3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-gateway-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"product": {
"name": "3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"product_id": "3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/backend-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"product": {
"name": "3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"product_id": "3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/memcached-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"product": {
"name": "3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"product_id": "3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"product_identification_helper": {
"purl": "pkg:oci/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/system-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x",
"product": {
"name": "3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x",
"product_id": "3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/zync-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"product_id": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"product_id": "3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"product_id": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"product_id": "3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"product": {
"name": "3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"product_id": "3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0?arch=s390x\u0026repository_url=registry.redhat.io/3scale-amp2/toolbox-rhel8\u0026tag=3scale2.13.7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"product": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"product_id": "3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-gateway-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"product": {
"name": "3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"product_id": "3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/backend-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"product": {
"name": "3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"product_id": "3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/memcached-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"product": {
"name": "3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"product_id": "3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/system-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"product": {
"name": "3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"product_id": "3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/zync-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"product_id": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"product_id": "3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"product": {
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"product_id": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-auth-wasm-rhel8\u0026tag=3scale2.13.6"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"product_id": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"product_id": "3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"product": {
"name": "3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"product_id": "3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b?arch=ppc64le\u0026repository_url=registry.redhat.io/3scale-amp2/toolbox-rhel8\u0026tag=3scale2.13.7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"product": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"product_id": "3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-gateway-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"product": {
"name": "3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"product_id": "3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/backend-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"product": {
"name": "3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"product_id": "3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/memcached-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"product": {
"name": "3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"product_id": "3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/system-rhel7\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"product": {
"name": "3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"product_id": "3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"product_identification_helper": {
"purl": "pkg:oci/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/zync-rhel8\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"product_id": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"product": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"product_id": "3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/apicast-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"product": {
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"product_id": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-auth-wasm-rhel8\u0026tag=3scale2.13.6"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"product_id": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator-metadata\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"product": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"product_id": "3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/3scale-rhel7-operator\u0026tag=3scale2.13.7"
}
}
},
{
"category": "product_version",
"name": "3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"product": {
"name": "3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"product_id": "3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"product_identification_helper": {
"purl": "pkg:oci/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432?arch=amd64\u0026repository_url=registry.redhat.io/3scale-amp2/toolbox-rhel8\u0026tag=3scale2.13.7"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64"
},
"product_reference": "3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x"
},
"product_reference": "3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le"
},
"product_reference": "3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64"
},
"product_reference": "3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x"
},
"product_reference": "3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64"
},
"product_reference": "3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x"
},
"product_reference": "3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le"
},
"product_reference": "3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"relates_to_product_reference": "7Server-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64"
},
"product_reference": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le"
},
"product_reference": "3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x"
},
"product_reference": "3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le"
},
"product_reference": "3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64"
},
"product_reference": "3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le"
},
"product_reference": "3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x"
},
"product_reference": "3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64"
},
"product_reference": "3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le"
},
"product_reference": "3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x"
},
"product_reference": "3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64"
},
"product_reference": "3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64 as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64"
},
"product_reference": "3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le"
},
"product_reference": "3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"relates_to_product_reference": "8Base-3SCALE-2.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x as a component of Red Hat 3Scale 2.13",
"product_id": "8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
},
"product_reference": "3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x",
"relates_to_product_reference": "8Base-3SCALE-2.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64"
],
"known_not_affected": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T12:15:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.13/html-single/installing_3scale/index",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2023:7327"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64"
],
"known_not_affected": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T12:15:55+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.13/html-single/installing_3scale/index",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2023:7327"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:352ab243649889842cf0f326cd4fce1868cfa57eb544f553eea8a6cdd6cb4d3e_amd64",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7640944214f9431f5783368d7c9a5a25fcb1b1c897755c07872138a5bf5ec6f7_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator-metadata@sha256:7f09c8239d22e839a201e2baa598ded32f15f66b2736d51159c4c3710d34b472_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:bde9ba77661146621d353e6d0827060292c72b8542ae8fd5d3790411a823c639_s390x",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:cb57b7338561b5e2c18759726847e33a164f95440b9e5682654638297d5c5f69_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/3scale-rhel7-operator@sha256:f4508a6fffd3e604942e0e12239707e05cc5657765c100fb9953f0405206fd39_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:6da016547c24d2c1e044ae8f6639da6a2975792583501d4fd7d9839935941739_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:868ecb3ffa5a83b3eda3f7f4ba31dad0e57e97b857b657a46c8bbdfa69a27922_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator-metadata@sha256:cb9e6381aa2b748a0ca7d6a90de784bfded5a57e0446df6b217b9b5112dfa9bc_s390x",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:4975248f24d7a5bb414729f66d98957cdac23cabefb1b6b8b60bc50d5e4a4ec7_amd64",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:89b3c616730f3d88082e44fd9008c8c58dc85f7e3e55cf6817efc406e37fd861_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/apicast-rhel7-operator@sha256:f6b3e65a3acfdd12f3c091deecd95b86932ad1a0174d303a05fecca54c1cbc70_s390x",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:92320cd96dfb3e5279825f6a019c8c3c6d365252474dc4fe1ec9196d7e9d579f_ppc64le",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e42b92c87ce020174445ebb0d506dfff90da15c6710a2a1a046a61ad39052b90_amd64",
"7Server-3SCALE-2.13:3scale-amp2/memcached-rhel7@sha256:e66fe95ce5d29279dba41959c86a6c1c19d6e69cc4198bb1a6c994fbab47b009_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:18bdf176bc553ddf16c6738159c57b78b081ab646a051c130814cc84fcb3367f_amd64",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:e1ac0bd8d5178e30712cb9a1e88874a8c2093d562fa44bbf80ec131ae30a4e71_s390x",
"7Server-3SCALE-2.13:3scale-amp2/system-rhel7@sha256:f42d5705204ffbdbd3d72764d3a69008cad4b2384d630a44d5f700cdbba24a88_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:6482676ba77f470ff671ac523674e86a609cfa064b59edeba84f5431423fba8d_amd64",
"8Base-3SCALE-2.13:3scale-amp2/3scale-auth-wasm-rhel8@sha256:a3641417e69305f6aaffe22459879e0c550eabd5d814d19896a417a1aabb4c9f_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:8b98559a9d68b7169664db60c8e492cdf3319771bcffafbd50468e93cfef9cfe_s390x",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:c352f6912a4e54bfe725360994674b4ce8a815777db7d3554b6634e341d1ed5a_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/apicast-gateway-rhel8@sha256:d8cc91c649553c49e0da15f7ab7466be2e78ef3e00c2a7b743f69c1891b75dd5_amd64",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:081ef7a49e91fd6a88a89e3d5c61f47f59658a3688635dc9680e7182f5af74c5_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:3f67636d93ed7e1a5fd0ae3a9bc41e0ca4b80180d40638ffc9fc11e682740bfc_s390x",
"8Base-3SCALE-2.13:3scale-amp2/backend-rhel8@sha256:e18b80f1a9a2282f7073c91c4f17fb4e24aa4cf95dd17fe384f61fd844a0f48b_amd64",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:31b55a31c944120649adef59b3ed41ebb252acff454fafe9dd5bf5990abf7d1b_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:480e758bf61a1c77545daa8d078bf1f26ccfd5153723ea6e1159e61e5f11a5d0_s390x",
"8Base-3SCALE-2.13:3scale-amp2/toolbox-rhel8@sha256:4c3dc23845a2a2a4428e1d3c92f8154d6af74a4cd3b85770c7de41dc6cfe8432_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:13b6435c608b33a410e9766729a16f72b266158f5b176640cc8c8b46d5fd8987_amd64",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:4e785267cfbe9e1bd7bb819606796cd6b7d1765bf6450870e66ef5a4e7e1fbb0_ppc64le",
"8Base-3SCALE-2.13:3scale-amp2/zync-rhel8@sha256:eaa567f706c71f6351d4db8434094d5cf1e89c0c8aa2abee66734bf1225929f4_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…