{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 17.1.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "A highly-available key value store for shared configuration\n\nShared library for infrawatch golang components\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:5970",
        "url": "https://access.redhat.com/errata/RHSA-2023:5970"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
        "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
      },
      {
        "category": "external",
        "summary": "2242803",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
      },
      {
        "category": "external",
        "summary": "2243296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5970.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (collectd-libpod-stats) security update",
    "tracking": {
      "current_release_date": "2026-06-04T17:41:01+00:00",
      "generator": {
        "date": "2026-06-04T17:41:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2023:5970",
      "initial_release_date": "2023-10-20T14:51:03+00:00",
      "revision_history": [
        {
          "date": "2023-10-20T14:51:03+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-10-20T14:51:03+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-04T17:41:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenStack Platform 17.1",
                "product": {
                  "name": "Red Hat OpenStack Platform 17.1",
                  "product_id": "8Base-RHOS-17.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:17.1::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.src",
                "product": {
                  "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.src",
                  "product_id": "collectd-libpod-stats-0:1.0.5-6.el8ost.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/collectd-libpod-stats@1.0.5-6.el8ost?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64",
                "product": {
                  "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64",
                  "product_id": "collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/collectd-libpod-stats@1.0.5-6.el8ost?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.src as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src"
        },
        "product_reference": "collectd-libpod-stats-0:1.0.5-6.el8ost.src",
        "relates_to_product_reference": "8Base-RHOS-17.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
        },
        "product_reference": "collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64",
        "relates_to_product_reference": "8Base-RHOS-17.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-39325",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
          "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/63417",
          "url": "https://go.dev/issue/63417"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T14:51:03+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5970"
        },
        {
          "category": "workaround",
          "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2242803"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
          "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "RHBZ#2242803",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://github.com/dotnet/announcements/issues/277",
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T14:51:03+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5970"
        },
        {
          "category": "workaround",
          "details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n     a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n     b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n     c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n     d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n     e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.src",
            "8Base-RHOS-17.1:collectd-libpod-stats-0:1.0.5-6.el8ost.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-10-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17.1.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:5971",
        "url": "https://access.redhat.com/errata/RHSA-2023:5971"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
        "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
      },
      {
        "category": "external",
        "summary": "2228743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
      },
      {
        "category": "external",
        "summary": "2242803",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
      },
      {
        "category": "external",
        "summary": "2243296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5971.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (director-operator) security update",
    "tracking": {
      "current_release_date": "2026-06-04T17:41:01+00:00",
      "generator": {
        "date": "2026-06-04T17:41:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2023:5971",
      "initial_release_date": "2023-10-20T14:56:06+00:00",
      "revision_history": [
        {
          "date": "2023-10-20T14:56:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-10-20T14:56:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-04T17:41:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenStack Platform 17.1",
                "product": {
                  "name": "Red Hat OpenStack Platform 17.1",
                  "product_id": "9Base-RHOS-17.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:17.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
                "product": {
                  "name": "rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
                  "product_id": "rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-agent\u0026tag=1.3.1-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
                "product": {
                  "name": "rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
                  "product_id": "rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-downloader\u0026tag=1.3.1-9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
                "product": {
                  "name": "rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
                  "product_id": "rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle\u0026tag=1.3.1-18"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64",
                "product": {
                  "name": "rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64",
                  "product_id": "rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9/osp-director-operator\u0026tag=1.3.1-11"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64 as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64"
        },
        "product_reference": "rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
        "relates_to_product_reference": "9Base-RHOS-17.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64 as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64"
        },
        "product_reference": "rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
        "relates_to_product_reference": "9Base-RHOS-17.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64 as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64"
        },
        "product_reference": "rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
        "relates_to_product_reference": "9Base-RHOS-17.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64 as a component of Red Hat OpenStack Platform 17.1",
          "product_id": "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
        },
        "product_reference": "rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64",
        "relates_to_product_reference": "9Base-RHOS-17.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-29409",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-08-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2228743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "RHBZ#2228743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/515257",
          "url": "https://go.dev/cl/515257"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/61460",
          "url": "https://go.dev/issue/61460"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1987",
          "url": "https://pkg.go.dev/vuln/GO-2023-1987"
        }
      ],
      "release_date": "2023-08-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T14:56:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5971"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
    },
    {
      "cve": "CVE-2023-39325",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/63417",
          "url": "https://go.dev/issue/63417"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T14:56:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5971"
        },
        {
          "category": "workaround",
          "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2242803"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
          "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "RHBZ#2242803",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://github.com/dotnet/announcements/issues/277",
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T14:56:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5971"
        },
        {
          "category": "workaround",
          "details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n     a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n     b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n     c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n     d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n     e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-agent@sha256:10b51664c656a13faaeb88dbdf8a212006ebcf144b473c3df4366b26716595ca_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-downloader@sha256:8f2ce2bf02b1b9c4459abdf4074245715aa38445dccdb103c9d7666bb2986046_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator-bundle@sha256:ab0228b2f438f9d6684b6ab270988b46c7e66588abf2c323605f0759e52fd27b_amd64",
            "9Base-RHOS-17.1:rhosp-rhel9/osp-director-operator@sha256:234d616518185e0cedbc3ba80bcb92f81cfdfa20854387aefa472a87c978bde3_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-10-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-operator-container is now available for NETWORK-OBSERVABILITY-1.4.0-RHEL-9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template:  improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:5974",
        "url": "https://access.redhat.com/errata/RHSA-2023:5974"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
        "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
      },
      {
        "category": "external",
        "summary": "2222167",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
      },
      {
        "category": "external",
        "summary": "2228743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
      },
      {
        "category": "external",
        "summary": "2237773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
      },
      {
        "category": "external",
        "summary": "2237776",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
      },
      {
        "category": "external",
        "summary": "2237777",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
      },
      {
        "category": "external",
        "summary": "2237778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
      },
      {
        "category": "external",
        "summary": "2242803",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
      },
      {
        "category": "external",
        "summary": "2243296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
      },
      {
        "category": "external",
        "summary": "NETOBSERV-1344",
        "url": "https://issues.redhat.com/browse/NETOBSERV-1344"
      },
      {
        "category": "external",
        "summary": "NETOBSERV-926",
        "url": "https://issues.redhat.com/browse/NETOBSERV-926"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5974.json"
      }
    ],
    "title": "Red Hat Security Advisory: Network Observability security update",
    "tracking": {
      "current_release_date": "2026-06-04T17:41:02+00:00",
      "generator": {
        "date": "2026-06-04T17:41:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2023:5974",
      "initial_release_date": "2023-10-20T16:49:58+00:00",
      "revision_history": [
        {
          "date": "2023-10-20T16:49:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-10-20T16:49:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-04T17:41:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "NETOBSERV 1.4 for RHEL 9",
                "product": {
                  "name": "NETOBSERV 1.4 for RHEL 9",
                  "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:network_observ_optr:1.4.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Network Observability"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
                "product": {
                  "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
                  "product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
                "product": {
                  "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
                  "product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
                "product": {
                  "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
                  "product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
                "product": {
                  "name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
                  "product_id": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
                "product": {
                  "name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
                  "product_id": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
                "product": {
                  "name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
                  "product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
                "product": {
                  "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
                  "product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
                "product": {
                  "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
                  "product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
                "product": {
                  "name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
                  "product_id": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
                "product": {
                  "name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
                  "product_id": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
                "product": {
                  "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
                  "product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
                "product": {
                  "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
                  "product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
                "product": {
                  "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
                  "product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
                "product": {
                  "name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
                  "product_id": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
                "product": {
                  "name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
                  "product_id": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
                "product": {
                  "name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
                  "product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
                "product": {
                  "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
                  "product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
                "product": {
                  "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
                  "product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.4.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
                "product": {
                  "name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
                  "product_id": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.4.0-70"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
                "product": {
                  "name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
                  "product_id": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.4.0-51"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64"
        },
        "product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64"
        },
        "product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x"
        },
        "product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le"
        },
        "product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64"
        },
        "product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x"
        },
        "product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64"
        },
        "product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le"
        },
        "product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x"
        },
        "product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le"
        },
        "product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64"
        },
        "product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64"
        },
        "product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le"
        },
        "product_reference": "network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64"
        },
        "product_reference": "network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x"
        },
        "product_reference": "network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        },
        "product_reference": "network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64"
        },
        "product_reference": "network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x"
        },
        "product_reference": "network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64 as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64"
        },
        "product_reference": "network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le as a component of NETOBSERV 1.4 for RHEL 9",
          "product_id": "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        },
        "product_reference": "network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le",
        "relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.4.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-29406",
      "cwe": {
        "id": "CWE-113",
        "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
      },
      "discovery_date": "2023-07-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2222167"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: insufficient sanitization of Host header",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "RHBZ#2222167",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
          "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
        }
      ],
      "release_date": "2023-07-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: insufficient sanitization of Host header"
    },
    {
      "cve": "CVE-2023-29409",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-08-03T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2228743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "RHBZ#2228743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/515257",
          "url": "https://go.dev/cl/515257"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/61460",
          "url": "https://go.dev/issue/61460"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1987",
          "url": "https://pkg.go.dev/vuln/GO-2023-1987"
        }
      ],
      "release_date": "2023-08-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Takeshi Kaneko"
          ],
          "organization": "GMO Cybersecurity by Ierae, Inc."
        }
      ],
      "cve": "CVE-2023-39318",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237776"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: html/template: improper handling of HTML-like comments within script contexts",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39318"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237776",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/526156",
          "url": "https://go.dev/cl/526156"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/62196",
          "url": "https://go.dev/issue/62196"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
          "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
        },
        {
          "category": "external",
          "summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
          "url": "https://vuln.go.dev/ID/GO-2023-2041.json"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: html/template: improper handling of HTML-like comments within script contexts"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Takeshi Kaneko"
          ],
          "organization": "GMO Cybersecurity by Ierae, Inc."
        }
      ],
      "cve": "CVE-2023-39319",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237773"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: html/template: improper handling of special tags within script contexts",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39319"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237773",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/526157",
          "url": "https://go.dev/cl/526157"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/62197",
          "url": "https://go.dev/issue/62197"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
          "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
        },
        {
          "category": "external",
          "summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
          "url": "https://vuln.go.dev/ID/GO-2023-2043.json"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: html/template: improper handling of special tags within script contexts"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Martin Seemann"
          ]
        }
      ],
      "cve": "CVE-2023-39321",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237777"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw has been marked as moderate instead of high like NVD \nQUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message, while HandleData doesn\u0027t limit the amount of data it can buffer, a panic or denial of service would likely be lower severity,also in order to exploit this vulnerability, an attacker would have to smuggle partial handshake data which might be rejected altogether as per tls RFC specification.Therfore because of a lower severity denial of service and conditions that are beyond the scope of attackers control,we have marked this as moderate severity",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39321"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237777",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/523039",
          "url": "https://go.dev/cl/523039"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/62266",
          "url": "https://go.dev/issue/62266"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
          "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
        },
        {
          "category": "external",
          "summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
          "url": "https://vuln.go.dev/ID/GO-2023-2044.json"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Marten Seemann"
          ]
        }
      ],
      "cve": "CVE-2023-39322",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237778"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A vulnerability was found in the Go QUIC protocol implementation in the logic that processes post-handshake messages. It is an uncontrolled resource consumption flaw, triggered when a malicious connection sends data without an enforced upper bound. This leads to unbounded memory growth, causing the service to crash and resulting in a denial of service.The single-dimensional impact of denial of service and the added complexity of whether the resource exhaustion would happen, being out of an attacker\u0027s control,this has been rated as moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39322"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237778",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/523039",
          "url": "https://go.dev/cl/523039"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/62266",
          "url": "https://go.dev/issue/62266"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
          "url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
        },
        {
          "category": "external",
          "summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
          "url": "https://vuln.go.dev/ID/GO-2023-2045.json"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
    },
    {
      "cve": "CVE-2023-39325",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/63417",
          "url": "https://go.dev/issue/63417"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        },
        {
          "category": "workaround",
          "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2242803"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
        ],
        "known_not_affected": [
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
          "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "RHBZ#2242803",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://github.com/dotnet/announcements/issues/277",
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T16:49:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5974"
        },
        {
          "category": "workaround",
          "details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n     a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n     b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n     c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n     d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n     e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:5da2ecf1149394e0c64af7c8e8a2684012590838031e4c733d6eff7f30cd6265_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ae91d40862457c43c130aa081a66bcedca17dce7dce0f381143b244dd126bc12_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:ce5c9ef5800ed30888dcb23aa2ed9cf56bd83767d572a51e3e3e1509a2539063_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-console-plugin-rhel9@sha256:e0239a8ff86253729b9af04e6407283c51744497fea90d099afaceaa4fc823ec_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:27ecc916ce170d505d828742fa29d20143c4443343b101a2a9d75fe086b515f1_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:350a8565fb297353c81571bad33f0fca5ab129560ad7f15de242db98c4709b3c_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:488df8c38e377719771c758b71f1e966d76bb03da6217e09c29c21fec12c437d_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:84ffa04b7ae504efc0037c3ae14c0e4d4f99057593a2db2bbbfcf92e526d2c7c_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:03484bd14253a7340f754a6f1aef5659cfd5a6844ffbdfb2f215321b6fc63644_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:2dc033562cb43480543ff398284933993006741e83f453228a9902a2c9b3ff1d_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:61c172961af1a895e9cb355573f1f8a780e7acecc505c58c18faeb9fc49efa66_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:a297d29025aa9d1e963daf0c4b076533da59ddd84825e79d6e6b0e921e8c2588_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:1607eb2595aa0679f571d81c19840cfaf923908553b05d479bd35b2290b1d7e6_ppc64le",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:6f998bb3b7d5311d8e74b25f8fcfe4ae65897270da3c0763ca2cb1d763135bc4_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:8214855b40028fdd2def40116f4585bd50f42ef0948713d63e163840079e8be7_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-operator-bundle@sha256:e6e8f0a739c61bbd94a61bb75d81ef1af551a4e57ed4a64e583adce62c82af9c_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:66d6fed71915dce2d8b8386cf661590bd374e27baa26a7c2cddd1916386922ce_amd64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:67167e08f0883c273e98810ad44288c4355ce2af13859021e2973c075c56cf9f_s390x",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:8596630dd1c175bf6dd29470c009e850d8b8fd465f3d9dcee8338a4aeca8dc64_arm64",
            "9Base-NETWORK-OBSERVABILITY-1.4.0:network-observability/network-observability-rhel9-operator@sha256:be6bfe44af552d934c881db0177bee7e345d76442523b0ea0144610d5470ea45_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-10-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Service Telemetry Framework 1.5.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)\n\n* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:5976",
        "url": "https://access.redhat.com/errata/RHSA-2023:5976"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
        "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
      },
      {
        "category": "external",
        "summary": "2178492",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
      },
      {
        "category": "external",
        "summary": "2184483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
      },
      {
        "category": "external",
        "summary": "2222167",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
      },
      {
        "category": "external",
        "summary": "2223355",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
      },
      {
        "category": "external",
        "summary": "2228743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
      },
      {
        "category": "external",
        "summary": "2242803",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
      },
      {
        "category": "external",
        "summary": "2243296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5976.json"
      }
    ],
    "title": "Red Hat Security Advisory: Service Telemetry Framework 1.5.2 security update",
    "tracking": {
      "current_release_date": "2026-06-04T17:41:02+00:00",
      "generator": {
        "date": "2026-06-04T17:41:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2023:5976",
      "initial_release_date": "2023-10-20T17:18:33+00:00",
      "revision_history": [
        {
          "date": "2023-10-20T17:18:33+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-10-20T17:18:33+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-04T17:41:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Service Telemetry Framework 1.5 for RHEL 8",
                "product": {
                  "name": "Service Telemetry Framework 1.5 for RHEL 8",
                  "product_id": "8Base-STF-1.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stf:1.5::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
                "product": {
                  "name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
                  "product_id": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b?arch=amd64\u0026repository_url=registry.redhat.io/stf/prometheus-webhook-snmp-rhel8\u0026tag=1.5.2-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
                "product": {
                  "name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
                  "product_id": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-operator-bundle\u0026tag=1.5.1697612918-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
                "product": {
                  "name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
                  "product_id": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-rhel8-operator\u0026tag=1.5.1-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
                "product": {
                  "name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
                  "product_id": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-bridge-rhel8\u0026tag=1.5.0-18"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
                "product": {
                  "name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
                  "product_id": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-core-rhel8\u0026tag=5.1.1-8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
                "product": {
                  "name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
                  "product_id": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-operator-bundle\u0026tag=5.0.1697612918-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
                "product": {
                  "name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
                  "product_id": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-rhel8-operator\u0026tag=5.0.1-9"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64"
        },
        "product_reference": "stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64"
        },
        "product_reference": "stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64"
        },
        "product_reference": "stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64"
        },
        "product_reference": "stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64"
        },
        "product_reference": "stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64"
        },
        "product_reference": "stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        },
        "product_reference": "stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-41724",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-03-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2178492"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: large handshake records may cause panics",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "RHBZ#2178492",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/468125",
          "url": "https://go.dev/cl/468125"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/58001",
          "url": "https://go.dev/issue/58001"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
          "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1570",
          "url": "https://pkg.go.dev/vuln/GO-2023-1570"
        }
      ],
      "release_date": "2023-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: large handshake records may cause panics"
    },
    {
      "cve": "CVE-2023-24532",
      "cwe": {
        "id": "CWE-682",
        "name": "Incorrect Calculation"
      },
      "discovery_date": "2023-07-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2223355"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24532"
        },
        {
          "category": "external",
          "summary": "RHBZ#2223355",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24532",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24532"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/471255",
          "url": "https://go.dev/cl/471255"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/58647",
          "url": "https://go.dev/issue/58647"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY",
          "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1621",
          "url": "https://pkg.go.dev/vuln/GO-2023-1621"
        }
      ],
      "release_date": "2023-03-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results"
    },
    {
      "cve": "CVE-2023-24534",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-04-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2184483"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "RHBZ#2184483",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/58975",
          "url": "https://go.dev/issue/58975"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
          "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
        }
      ],
      "release_date": "2023-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
    },
    {
      "cve": "CVE-2023-29406",
      "cwe": {
        "id": "CWE-113",
        "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
      },
      "discovery_date": "2023-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2222167"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: insufficient sanitization of Host header",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "RHBZ#2222167",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
          "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
        }
      ],
      "release_date": "2023-07-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: insufficient sanitization of Host header"
    },
    {
      "cve": "CVE-2023-29409",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-08-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2228743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "RHBZ#2228743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/515257",
          "url": "https://go.dev/cl/515257"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/61460",
          "url": "https://go.dev/issue/61460"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-1987",
          "url": "https://pkg.go.dev/vuln/GO-2023-1987"
        }
      ],
      "release_date": "2023-08-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
    },
    {
      "cve": "CVE-2023-39325",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/63417",
          "url": "https://go.dev/issue/63417"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        },
        {
          "category": "workaround",
          "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2242803"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "RHBZ#2242803",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://github.com/dotnet/announcements/issues/277",
          "url": "https://github.com/dotnet/announcements/issues/277"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
          "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-10-20T17:18:33+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:5976"
        },
        {
          "category": "workaround",
          "details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n     a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n     b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n     c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n     d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n     e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:e261f596dc4f13cf45981d4415cb17d0314c66ad105b5aa31898f7364185233b_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:583b8fc7bd18b79b146274c0b6ca0e8ebc14e7dfb389bd2a01fcf18744ab7d40_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:627b664de828007e469d329253e50ff91cea19ead36353d11d313b6692913d07_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:1725eae2e4232e99412c73e6e4b6eabab8f8ce7f13e2106701974c5cfeeb5830_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:d870784a543045e6b14519df1658864fa0ea22885465bd6630232aeaa1f9ee7e_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:f8bb700696897363678fcd0ce466fd9e9ffcddad263476a42673d516724b9767_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9c3256a9e48b535413e4a4633d1404adbea0239c644569032cd63f991c5051ec_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-10-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
    }
  ]
}