Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-44487 (GCVE-0-2023-44487)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2026-05-12 10:52Summary
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Severity
7.5 (High)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
173 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| ietf | http |
Affected:
2.0
cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:* |
|
| Siemens | RUGGEDCOM APE1808 |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SINEC NMS |
Affected:
0 , < V3.0
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 6386c9c4-033b-4ac4-b69d-cdc0288bae9a
Exploited: Yes
Timestamps
First Seen: 2023-10-10
Asserted: 2023-10-10
Scope
Notes: KEV entry: HTTP/2 Rapid Reset Attack Vulnerability | Affected: IETF / HTTP/2 | Description: HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2023-10-31 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-400 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | HTTP/2 |
| Due Date | 2023-10-31 |
| Date Added | 2023-10-10 |
| Vendorproject | IETF |
| Vulnerabilityname | HTTP/2 Rapid Reset Attack Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "http",
"vendor": "ietf",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-44487",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T20:34:21.334116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:35.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-10T00:00:00.000Z",
"value": "CVE-2023-44487 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:08:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"tags": [
"x_transferred"
],
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"tags": [
"x_transferred"
],
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"tags": [
"x_transferred"
],
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/go/issues/63417"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"tags": [
"x_transferred"
],
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"tags": [
"x_transferred"
],
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"tags": [
"x_transferred"
],
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/armeria/pull/5232"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:23.784Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-341067.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-07T20:05:34.376Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73"
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
},
{
"url": "https://news.ycombinator.com/item?id=37831062"
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack"
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055"
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312"
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679"
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961"
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
},
{
"url": "https://github.com/alibaba/tengine/issues/1872"
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
},
{
"url": "https://news.ycombinator.com/item?id=37830987"
},
{
"url": "https://news.ycombinator.com/item?id=37830998"
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877"
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487"
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703"
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244"
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html"
},
{
"url": "https://my.f5.com/manage/s/article/K000137106"
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
},
{
"name": "[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/7"
},
{
"name": "[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381"
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo"
},
{
"url": "https://github.com/facebook/proxygen/pull/466"
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
},
{
"url": "https://github.com/micrictor/http2-rst-stream"
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf"
},
{
"url": "https://github.com/h2o/h2o/pull/3291"
},
{
"url": "https://github.com/nodejs/node/pull/50121"
},
{
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"url": "https://github.com/golang/go/issues/63417"
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg"
},
{
"url": "https://github.com/apache/trafficserver/pull/10564"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14"
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474"
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120"
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p"
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html"
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
},
{
"url": "https://news.ycombinator.com/item?id=37837043"
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93"
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113"
},
{
"name": "DSA-5522",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5522"
},
{
"name": "DSA-5521",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5521"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487"
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615"
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996"
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986"
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/"
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740"
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/"
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487"
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3"
},
{
"url": "https://github.com/apache/httpd-site/pull/10"
},
{
"url": "https://github.com/projectcontour/contour/pull/5826"
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
},
{
"url": "https://github.com/line/armeria/pull/5232"
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487"
},
{
"url": "https://github.com/akka/akka-http/issues/4323"
},
{
"url": "https://github.com/openresty/openresty/issues/930"
},
{
"url": "https://github.com/apache/apisix/issues/10320"
},
{
"url": "https://github.com/Azure/AKS/issues/3947"
},
{
"url": "https://github.com/Kong/kong/discussions/11741"
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487"
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
},
{
"name": "[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
},
{
"name": "[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
},
{
"url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
},
{
"url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html"
},
{
"name": "FEDORA-2023-ed2642fd58",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/"
},
{
"url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
},
{
"name": "[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
},
{
"name": "[oss-security] 20231018 Vulnerability in Jenkins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
},
{
"name": "[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
},
{
"name": "[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
},
{
"name": "FEDORA-2023-54fadada12",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/"
},
{
"name": "FEDORA-2023-5ff7bf1dd8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/"
},
{
"name": "[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
},
{
"name": "FEDORA-2023-17efd3f2cd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/"
},
{
"name": "FEDORA-2023-d5030c983c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"name": "FEDORA-2023-0259c3f26f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/"
},
{
"name": "FEDORA-2023-2a9214af5f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/"
},
{
"name": "FEDORA-2023-e9c04d81c1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"name": "FEDORA-2023-f66fc0f62a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"name": "FEDORA-2023-4d2fd884ea",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"name": "FEDORA-2023-b2c50535cb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/"
},
{
"name": "FEDORA-2023-fe53e13b5b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"name": "FEDORA-2023-4bf641255e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
},
{
"name": "DSA-5540",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5540"
},
{
"name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
},
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
},
{
"name": "FEDORA-2023-1caffb88af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/"
},
{
"name": "FEDORA-2023-3f70b8d406",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/"
},
{
"name": "FEDORA-2023-7b52921cae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"name": "FEDORA-2023-7934802344",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/"
},
{
"name": "FEDORA-2023-dbe64661af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
},
{
"name": "FEDORA-2023-822aab0a5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"name": "[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
},
{
"name": "DSA-5549",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5549"
},
{
"name": "FEDORA-2023-c0c6a91330",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/"
},
{
"name": "FEDORA-2023-492b7be466",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/"
},
{
"name": "DSA-5558",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5558"
},
{
"name": "[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
},
{
"name": "GLSA-202311-09",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"name": "DSA-5570",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5570"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
},
{
"url": "https://github.com/grpc/grpc/releases/tag/v1.59.2"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44487",
"datePublished": "2023-10-10T00:00:00.000Z",
"dateReserved": "2023-09-29T00:00:00.000Z",
"dateUpdated": "2026-05-12T10:52:23.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-44487",
"cwes": "[\"CWE-400\"]",
"dateAdded": "2023-10-10",
"dueDate": "2023-10-31",
"knownRansomwareCampaignUse": "Unknown",
"notes": "This vulnerability affects a common open-source component, third-party library, or protocol used by different products. For more information, please see: HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 | CISA: https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487; https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/; https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"product": "HTTP/2",
"requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).",
"vendorProject": "IETF",
"vulnerabilityName": "HTTP/2 Rapid Reset Attack Vulnerability"
},
"epss": {
"cve": "CVE-2023-44487",
"date": "2026-06-19",
"epss": "0.99999",
"percentile": "0.99996"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-44487\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-10-10T14:15:10.883\",\"lastModified\":\"2026-05-12T15:10:32.260\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"},{\"lang\":\"es\",\"value\":\"El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como se explot\u00f3 en la naturaleza entre agosto y octubre de 2023.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"cisaExploitAdd\":\"2023-10-10\",\"cisaActionDue\":\"2023-10-31\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"HTTP/2 Rapid Reset Attack Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"2A7548B8-3DF7-46D9-8A4F-87C38969D900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1EE93D-BAD2-4B86-910C-8784FCC9F398\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0\",\"matchCriteriaId\":\"C89891C1-DFD7-4E1F-80A9-7485D86A15B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4664B195-AF14-4834-82B3-0B2C98020EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"75BC588E-CDF0-404E-AD61-02093A1DF343\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A334F7B4-7283-4453-BAED-D2E01B7F8A6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BEA71C-CA81-4B5D-A688-2B21E62DC351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_ins:1.0:sp2_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B405F22-5517-49F5-A7CA-1E50D58DFC75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"AE06B8AF-B36C-4743-A056-30712163F75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:st7_scadaconnect:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1\",\"matchCriteriaId\":\"BCBD17AE-C1AE-4ECF-A991-0FFBDD06D687\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:ruggedcom_ape1808_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDCA69-9049-40B4-88AF-F476901022B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:ruggedcom_ape1808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B89A6863-B602-4404-8D26-337FECABFFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"99E36624-A573-47D9-B158-B18A8A822FBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F38253-92F5-4A3A-AA07-292F7542D8A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.5\",\"matchCriteriaId\":\"19F1C257-0EE6-47DE-B4BE-169F801FFDD8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn\\\\/dp_mfp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F63E0A-126D-4A93-8159-45EB5E606F81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5200E35-222B-42E0-83E0-5B702684D992\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.57.0\",\"matchCriteriaId\":\"C3BDC297-F023-4E87-8518-B84CCF9DD6A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.100\",\"matchCriteriaId\":\"D12D5257-7ED2-400F-9EF7-40E0D3650C2B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B058776-B5B7-4079-B0AF-23F40926DCEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D565975-EFD9-467C-B6E3-1866A4EF17A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D487271-1B5E-4F16-B0CB-A7B8908935C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6ED627-EFB3-4BDD-8ECC-C5947A1470B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.53\",\"matchCriteriaId\":\"A4A6F189-6C43-462D-85C9-B0EBDA8A4683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.17\",\"matchCriteriaId\":\"C993C920-85C0-4181-A95E-5D965A670738\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.17\",\"matchCriteriaId\":\"08E79A8E-E12C-498F-AF4F-1AAA7135661E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.2\",\"matchCriteriaId\":\"F138D800-9A3B-4C76-8A3C-4793083A1517\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.5\",\"matchCriteriaId\":\"6341DDDA-AD27-4087-9D59-0A212F0037B4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.10\",\"matchCriteriaId\":\"328120E4-C031-44B4-9BE5-03B0CDAA066F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.3\",\"matchCriteriaId\":\"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"D7D2F801-6F65-4705-BCB9-D057EA54A707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"801F25DA-F38C-4452-8E90-235A3B1A5FF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D93F04AD-DF14-48AB-9F13-8B2E491CF42E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7522C760-7E07-406F-BF50-5656D5723C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"3A7F605E-EB10-40FB-98D6-7E3A95E310BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"783E62F2-F867-48F1-B123-D1227C970674\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A8D90B7-A1AF-4EFB-B688-1563D81E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"6603ED6A-3366-4572-AFCD-B3D4B1EC7606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"88978E38-81D3-4EFE-8525-A300B101FA69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"0510296F-92D7-4388-AE3A-0D9799C2FC4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7698D6C-B1F7-43C1-BBA6-88E956356B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1CC91B-6920-4AF0-9EDD-DD3189E78F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"05E452AA-A520-4CBE-8767-147772B69194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"596FC5D5-7329-4E39-841E-CAE937C02219\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"B3C7A168-F370-441E-8790-73014BCEC39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"CF16FD01-7704-40AB-ACB2-80A883804D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1769D69A-CB59-46B1-89B3-FB97DC6DEB9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"9167FEC1-2C37-4946-9657-B4E69301FB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7B4B3442-E0C0-48CD-87AD-060E15C9801E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8FA85EC1-D91A-49DD-949B-2AF7AC813CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"20662BB0-4C3D-4CF0-B068-3555C65DD06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59203EBF-C52A-45A1-B8DF-00E17E3EFB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"7EC2324D-EC8B-41DF-88A7-819E53AAD0FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"9B88F9D1-B54B-40C7-A18A-26C4A071D7EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"C8F39403-C259-4D6F-9E9A-53671017EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"220F2D38-FA82-45EF-B957-7678C9FEDBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C698C1C-A3DD-46E2-B05A-12F2604E7F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"922AA845-530A-4B4B-9976-4CBC30C8A324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F938EB43-8373-47EB-B269-C6DF058A9244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"1771493E-ACAA-477F-8AB4-25DB12F6AD6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"5E86F3D5-65A4-48CE-A6A2-736BBB88E3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87670A74-34FE-45DF-A725-25B804C845B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"C7E422F6-C4C2-43AC-B137-0997B5739030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"CC3F710F-DBCB-4976-9719-CF063DA22377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"4B9B76A1-7C5A-453F-A4ED-F1A81BCEBEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"88EDFCD9-775C-48FA-9CDA-2B04DA8D0612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67DB21AE-DF53-442D-B492-C4ED9A20B105\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"4C9FCBCB-9CE0-49E7-85C8-69E71D211912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"112DFA85-90AD-478D-BD70-8C7C0C074F1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"DB704A1C-D8B7-48BB-A15A-C14DB591FE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"21D51D9F-2840-4DEA-A007-D20111A1745C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC1D037-74D2-4F92-89AD-C90F6CBF440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"CAEF3EA4-7D5A-4B44-9CE3-258AEC745866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"2FBCE2D1-9D93-415D-AB2C-2060307C305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"8070B469-8CC4-4D2F-97D7-12D0ABB963C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"A326597E-725D-45DE-BEF7-2ED92137B253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B235A78-649B-46C5-B24B-AB485A884654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"08B25AAB-A98C-4F89-9131-29E3A8C0ED23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"ED9B976A-D3AD-4445-BF8A-067C3EBDFBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"98D2CE1E-DED0-470A-AA78-C78EF769C38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"C966FABA-7199-4F0D-AB8C-4590FE9D2FFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D00768-E71B-4FF7-A7BF-F2C8CFBC900D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E3D2ABA3-D4A9-4267-B0DF-7C3BBEEAEB66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"BC36311E-BB00-4750-85C8-51F5A2604F07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"A65D357E-4B40-42EC-9AAA-2B6CEF78C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D7EF9865-FE65-4DFB-BF21-62FBCE65FF1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBD10E8-6054-408F-9687-B9BF6375CA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"E6018B01-048C-43BB-A78D-66910ED60CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"3A6A5686-5A8B-45D5-9165-BC99D2CCAC47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"5D2A121F-5BD2-4263-8ED3-1DDE25B5C306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83794B04-87E2-4CA9-81F5-BB820D0F5395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"D9EC2237-117F-43BD-ADEC-516CF72E04EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"F70D4B6F-65CF-48F4-9A07-072DFBCE53D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"29563719-1AF2-4BB8-8CCA-A0869F87795D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"D24815DD-579A-46D1-B9F2-3BB2C56BC54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A6E7035-3299-474F-8F67-945EA9A059D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"0360F76D-E75E-4B05-A294-B47012323ED9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"7A4607BF-41AC-4E84-A110-74E085FF0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"441CC945-7CA3-49C0-AE10-94725301E31D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"46BA8E8A-6ED5-4FB2-8BBC-586AA031085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56FB92F7-FF1E-425D-A5AB-9D9FB0BB9450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969C4F14-F6D6-46D6-B348-FC1463877680\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.5.0\",\"versionEndIncluding\":\"1.8.2\",\"matchCriteriaId\":\"41AD5040-1250-45F5-AB63-63F333D49BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8257AA59-C14D-4EC1-B22C-DFBB92CBC297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"37DB32BB-F4BA-4FB5-94B1-55C3F06749CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"FFF5007E-761C-4697-8D34-C064DF0ABE8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"910441D3-90EF-4375-B007-D51120A60AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667EB77B-DA13-4BA4-9371-EE3F3A109F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"8A6F9699-A485-4614-8F38-5A556D31617E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"5A90F547-97A2-41EC-9FDF-25F869F0FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"E76E1B82-F1DC-4366-B388-DBDF16C586A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"660137F4-15A1-42D1-BBAC-99A1D5BB398B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C446827A-1F71-4FAD-9422-580642D26AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"1932D32D-0E4B-4BBD-816F-6D47AB2E2F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"D47B7691-A95B-45C0-BAB4-27E047F3C379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"2CD1637D-0E42-4928-867A-BA0FDB6E8462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"3A599F90-F66B-4DF0-AD7D-D234F328BD59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1B2000-C3FE-4B4C-885A-A5076EB164E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.5\",\"matchCriteriaId\":\"5326759A-AFB0-4A15-B4E9-3C9A2E5DB32A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.5\",\"matchCriteriaId\":\"57D92D05-C67D-437E-88F3-DCC3F6B0ED2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndIncluding\":\"15.1.10\",\"matchCriteriaId\":\"ECCB8C30-861E-4E48-A5F5-30EE523C1FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.1.0\",\"versionEndIncluding\":\"16.1.4\",\"matchCriteriaId\":\"F5FEAD2A-3A58-432E-BEBB-6E3FDE24395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB23AE6-245E-43D6-B832-933F8259F937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.9.5\",\"versionEndIncluding\":\"1.25.2\",\"matchCriteriaId\":\"1188B4A9-2684-413C-83D1-E91C75AE0FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.4.2\",\"matchCriteriaId\":\"3337609D-5291-4A52-BC6A-6A8D4E60EB20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.3.0\",\"matchCriteriaId\":\"6CF0ABD9-EB28-4966-8C31-EED7AFBF1527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r25\",\"versionEndExcluding\":\"r29\",\"matchCriteriaId\":\"F291CB34-47A4-425A-A200-087CC295AEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5892B558-EC3A-43FF-A1D5-B2D9F70796F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BF2B19-52C7-4051-BA58-CAE6F912B72F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.0\",\"versionEndIncluding\":\"8.5.93\",\"matchCriteriaId\":\"ABD26B48-CC80-4FAE-BD3D-78DE4C80C92B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndIncluding\":\"9.0.80\",\"matchCriteriaId\":\"F3EC20B6-B2AB-41F5-9BF9-D16C1FE67C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndIncluding\":\"10.1.13\",\"matchCriteriaId\":\"0765CC3D-AB1A-4147-8900-EF4C105321F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AA7FF6-E8E7-4BF6-983E-0A99B0183008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"57088BDD-A136-45EF-A8A1-2EBF79CEC2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32D1D7A-A04F-444E-8F45-BB9A9E4B0199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD52CE-94F5-4F98-A027-9A7E68818CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A171AF-2EC8-4422-912C-547CDB58CAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"538E68C4-0BA4-495F-AEF8-4EF6EE7963CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"49350A6E-5E1D-45B2-A874-3B8601B3ADCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F50942F-DF54-46C0-8371-9A476DD3EEA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"98792138-DD56-42DF-9612-3BDC65EEC117\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:swiftnio_http\\\\/2:*:*:*:*:*:swift:*:*\",\"versionEndExcluding\":\"1.28.0\",\"matchCriteriaId\":\"08190072-3880-4EF5-B642-BA053090D95B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.56.3\",\"matchCriteriaId\":\"5F4CDEA9-CB47-4881-B096-DA896E2364F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndIncluding\":\"1.59.2\",\"matchCriteriaId\":\"E65AF7BC-7DAE-408A-8485-FBED22815F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"1.58.0\",\"versionEndExcluding\":\"1.58.3\",\"matchCriteriaId\":\"DD868DDF-C889-4F36-B5E6-68B6D9EA48CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*\",\"matchCriteriaId\":\"FBD991E2-DB5A-4AAD-95BA-4B5ACB811C96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"4496821E-BD55-4F31-AD9C-A3D66CBBD6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"8DF7ECF6-178D-433C-AA21-BAE9EF248F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.23\",\"matchCriteriaId\":\"1C3418F4-B8BF-4666-BB39-C188AB01F45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"1278DD1C-EFA9-4316-AD32-24C1B1FB0CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-08\",\"matchCriteriaId\":\"3BDFB0FF-0F4A-4B7B-94E8-ED72A8106314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.2.20\",\"matchCriteriaId\":\"16A8F269-E07E-402F-BFD5-60F3988A5EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4.12\",\"matchCriteriaId\":\"C4B2B972-69E2-4D21-9A7C-B2AFF1D89EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.6\",\"versionEndExcluding\":\"17.6.8\",\"matchCriteriaId\":\"DA5834D4-F52F-41C0-AA11-C974FFEEA063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndExcluding\":\"17.7.5\",\"matchCriteriaId\":\"2166106F-ACD6-4C7B-B0CC-977B83CC5F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"4CD49C41-6D90-47D3-AB4F-4A74169D3A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.6351\",\"matchCriteriaId\":\"BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.4974\",\"matchCriteriaId\":\"E500D59C-6597-45E9-A57B-BE26C0C231D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.3570\",\"matchCriteriaId\":\"C9F9A643-90C6-489C-98A0-D2739CE72F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.3570\",\"matchCriteriaId\":\"1814619C-ED07-49E0-A50A-E28D824D43BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22000.2538\",\"matchCriteriaId\":\"100A27D3-87B0-4E72-83F6-7605E3F35E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.22621.2428\",\"matchCriteriaId\":\"C6A36795-0238-45C9-ABE6-3DCCF751915B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821614DD-37DD-44E2-A8A4-FE8D23A33C3C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0\",\"versionEndExcluding\":\"18.18.2\",\"matchCriteriaId\":\"94BAB9EB-1527-4D9A-BADE-0708579536CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.0.0\",\"versionEndExcluding\":\"20.8.1\",\"matchCriteriaId\":\"69843DE4-4721-4F0A-A9B7-0F6DF5AAA388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"B25279EF-C406-4133-99ED-0492703E0A4E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"9FFFF84B-F35C-43DE-959A-A5D10C3AE9F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023.10.16.00\",\"matchCriteriaId\":\"9DCE8C89-7C22-48CA-AF22-B34C8AA2CB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.1\",\"matchCriteriaId\":\"EDEB508E-0EBD-4450-9074-983DDF568AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.1.9\",\"matchCriteriaId\":\"93A1A748-6C71-4191-8A16-A93E94E2CDE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.2.3\",\"matchCriteriaId\":\"4E4BCAF6-B246-41EC-9EE1-24296BFC4F5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.0\",\"matchCriteriaId\":\"6F70360D-6214-46BA-AF82-6AB01E13E4E9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.2\",\"matchCriteriaId\":\"E2DA759E-1AF8-49D3-A3FC-1B426C13CA82\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.6\",\"matchCriteriaId\":\"28BE6F7B-AE66-4C8A-AAFA-F1262671E9BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.3\",\"matchCriteriaId\":\"F0C8E760-C8D2-483A-BBD4-6A6D292A3874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.19.0\",\"versionEndExcluding\":\"1.19.1\",\"matchCriteriaId\":\"5D0F78BB-6A05-4C97-A8DB-E731B6CC8CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-10-10\",\"matchCriteriaId\":\"050AE218-3871-44D6-94DA-12D84C2093CB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.10.5\",\"matchCriteriaId\":\"B36BFFB0-C0EC-4926-A1DB-0B711C846A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"376EAF9B-E994-4268-9704-0A45EA30270F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D08335-C291-4623-B80C-3B14C4D1FA32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*\",\"versionEndExcluding\":\"2023-10-11\",\"matchCriteriaId\":\"FC4C66B1-42C0-495D-AE63-2889DE0BED84\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*\",\"versionStartIncluding\":\"2.12.0\",\"versionEndIncluding\":\"2.12.5\",\"matchCriteriaId\":\"8633E263-F066-4DD8-A734-90207207A873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"34A23BD9-A0F4-4D85-8011-EAC93C29B4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"27ED3533-A795-422F-B923-68BE071DC00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"45F7E352-3208-4188-A5B1-906E00DF9896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*\",\"matchCriteriaId\":\"DF89A8AD-66FE-439A-B732-CAAB304D765B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.26.0\",\"matchCriteriaId\":\"A400C637-AF18-4BEE-B57C-145261B65DEC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"653A5B08-0D02-4362-A8B1-D00B24C6C6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B4BE2D6-43C3-4065-A213-5DB1325DC78F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D54F5AE-61EC-4434-9D5F-9394A3979894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E37E1B3-6F68-4502-85D6-68333643BDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F13B03-69BF-4A8B-A0A0-7F47FD857461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9393119E-F018-463F-9548-60436F104195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC45EE1E-2365-42D4-9D55-92FA24E5ED3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E567CD9F-5A43-4D25-B911-B5D0440698F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68146098-58F8-417E-B165-5182527117C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB4D6790-63E5-4043-B8BE-B489D649061D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78698F40-0777-4990-822D-02E1B5D0E2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87C8AD3-8878-4546-86C2-BF411876648C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF03BDE8-602D-4DEE-BA5B-5B20FDF47741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58966CB-36AF-4E64-AB39-BE3A0753E155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BC540-073B-425B-B664-5EA4C00AFED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD354E32-A8B0-484C-B4C6-9FBCD3430D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A54BDA-311C-413B-8E4D-388AD65A170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40CCE4F-EA2C-453D-BB76-6388767E5C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF93A27E-AA2B-4C2E-9B8D-FE7267847326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B12A3A8-6456-481A-A0C9-524543FCC149\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E7E3C-A507-4AB2-97E5-4944D8775CF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E22EBF9-AA0D-4712-9D69-DD97679CE835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941B114C-FBD7-42FF-B1D8-4EA30E99102C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339CFB34-A795-49F9-BF6D-A00F3A1A4F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D044DBE-6F5A-4C53-828E-7B1A570CACFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23FA47F-B967-44AD-AB76-1BB2CAD3CA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*\",\"matchCriteriaId\":\"65203CA1-5225-4E55-A187-6454C091F532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA9B2E2-958B-478D-87D6-E5CDDCD44315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F5FF1E-5DA3-4EC3-B41A-A362BDFC4C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF390236-3259-4C8F-891C-62ACC4386CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B129311C-EB4B-4041-B85C-44D5E53FCAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1AB54DB-3FB4-41CB-88ED-1400FD22AB85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A76A2BCE-4AAE-46D7-93D6-2EDE0FC83145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A6B40D-F991-4712-8E30-5FE008505CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1987BDA-0113-4603-B9BE-76647EB043F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D482A3D2-6E9B-42BA-9926-35E5BDD5F3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"848C92A9-0677-442B-8D52-A448F2019903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F564701-EDC1-43CF-BB9F-287D6992C6CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12B0CF2B-D1E1-4E20-846E-6F0D873499A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8885C2C-7FB8-40CA-BCB9-B48C50BF2499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D88B140-D2A1-4A0A-A2E9-1A3B50C295AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A903C3AD-2D25-45B5-BF4A-A5BEB2286627\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EBD2A-32A3-46D5-B155-B44DCB7F6902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.5.3\",\"matchCriteriaId\":\"C2792650-851F-4820-B003-06A4BEA092D7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"9F6B63B9-F4C9-4A3F-9310-E0918E1070D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.414.2\",\"matchCriteriaId\":\"E6FF5F80-A991-43D4-B49F-D843E2BC5798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.427\",\"matchCriteriaId\":\"54D25DA9-12D0-4F14-83E6-C69D0293AAB9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.0\",\"matchCriteriaId\":\"8E1AFFB9-C717-4727-B0C9-5A0C281710E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.4.3\",\"matchCriteriaId\":\"25C85001-E0AB-4B01-8EE7-1D9C77CD956E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.003.009\",\"matchCriteriaId\":\"FB2BDBAC-8D19-4F81-8D31-6D0955A53D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.1\",\"matchCriteriaId\":\"F98F9D27-6659-413F-8F29-4FDB0882AAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.3\",\"matchCriteriaId\":\"C98BF315-C563-47C2-BAD1-63347A3D1008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.0.2\",\"matchCriteriaId\":\"3F30E209-FA52-4D3B-9B88-4193EA388554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_situation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3178F3A5-A072-44E1-A225-B04BC536F4FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0\",\"matchCriteriaId\":\"AA2BE0F1-DD16-4876-8EBA-F187BD38B159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"796B6C58-2140-4105-A2A1-69865A194A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEA99DC6-EA03-469F-A8BE-7F96FDF0B333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"6560DBF4-AFE6-4672-95DE-74A0B8F4170A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.4.2\",\"matchCriteriaId\":\"84785919-796D-41E5-B652-6B5765C81D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"92A74A1A-C69F-41E6-86D0-D6BB1C5D0A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.3.3\",\"matchCriteriaId\":\"6FE7BA33-2AC0-4A85-97AD-6D77F20BA2AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.1\",\"matchCriteriaId\":\"4FE2F959-1084-48D1-B1F1-8182FC9862DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.10.4\",\"matchCriteriaId\":\"5CC17E6B-D7AB-40D7-AEC5-F5B555AC4D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"1BB6B48E-EA36-40A0-96D0-AF909BEC1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.0\",\"matchCriteriaId\":\"2CBED844-7F94-498C-836D-8593381A9657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.19.2\",\"matchCriteriaId\":\"C170DBA1-0899-4ECC-9A0D-8FEB1DA1B510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"x14.3.3\",\"matchCriteriaId\":\"358FA1DC-63D3-49F6-AC07-9E277DD0D9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.01.0\",\"matchCriteriaId\":\"BFF2D182-7599-4B81-B56B-F44EDA1384C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4868BCCA-24DE-4F24-A8AF-B3A545C0396E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"194F7A1F-FD43-4FF7-9AE2-C13AA5567E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2024.02.0\",\"matchCriteriaId\":\"BEC75F99-C7F0-47EB-9032-C9D3A42EBA20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6638F4E-16F7-447D-B755-52640BCB1C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC34F742-530E-4AB4-8AFC-D1E088E256B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31CC0E9-8E21-436B-AB84-EA1B1BC60DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.6.2\",\"matchCriteriaId\":\"E22AD683-345B-4E16-BB9E-E9B1783E09AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C0D694-9E24-4782-B35F-D7C3E3B0F2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.22\",\"matchCriteriaId\":\"2955BEE9-F567-4006-B96D-92E10FF84DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.15.1\",\"matchCriteriaId\":\"67502878-DB20-4410-ABA0-A1C5705064CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.2\",\"matchCriteriaId\":\"177DED2D-8089-4494-BDD9-7F84FC06CD5B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.1.0\",\"matchCriteriaId\":\"54A29FD3-4128-4333-8445-A7DD04A6ECF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67074526-9933-46B3-9FE3-A0BE73C5E8A7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528ED62B-D739-4E06-AC64-B506FD73BBAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC2A6C31-438A-4CF5-A3F3-364B1672EB7D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76C10D85-88AC-4A79-8866-BED88A0F8DF8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09AC2BAD-F536-48D0-A2F0-D4E290519EB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4E8EE4-031D-47D3-A12E-EE5F792172EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FF2EC4-0C09-4C00-9956-A2A4A894F63D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14D4B4E-120E-4607-A4F1-447C7BF3052E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15702ACB-29F3-412D-8805-E107E0729E35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E930332-CDDD-48D5-93BC-C22D693BBFA2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B34855-D8D2-4114-80D2-A4D159C62458\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF4B8FE-E134-4491-B5C2-C1CFEB64731B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4226DA0-9371-401C-8247-E6E636A116C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7664666F-BCE4-4799-AEEA-3A73E6AD33F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DBBFE9-835C-4411-8492-6006E74BAC65\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3293438-3D18-45A2-B093-2C3F65783336\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97C29EE-9426-4BBE-8D84-AB5FF748703D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-x\\\\/3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E142C18F-9FB5-4D96-866A-141D7D16CAF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F43B770-D96C-44EA-BC12-9F39FC4317B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7817F4E6-B2DA-4F06-95A4-AF329F594C02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED628B5-97A8-4B26-AA40-BEC854982157\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB9DD73-E31D-4921-A6D6-E14E04703588\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172pq\\\\/pq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EFC116A-627F-4E05-B631-651D161217C8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4532F513-0543-4960-9877-01F23CA7BA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B43502B-FD53-465A-B60F-6A359C6ACD99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3229124-B097-4AAC-8ACD-2F9C89DCC3AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32A532C0-B0E3-484A-B356-88970E7D0248\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C84D24C-2256-42AF-898A-221EBE9FE1E4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652A2849-668D-4156-88FB-C19844A59F33\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D008CA1C-6F5A-40EA-BB12-A9D84D5AF700\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FBE87B-8A4F-43A8-98A3-4A7D9C630937\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACD09AC-8B28-4ACB-967B-AB3D450BC137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43913A0E-50D5-47DD-94D8-DD3391633619\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D397349-CCC6-479B-9273-FB1FFF4F34F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC7286A7-780F-4A45-940A-4AD5C9D0F201\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA52D5C1-13D8-4D23-B022-954CCEF491F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7AF8D7-431B-43CE-840F-CC0817D159C0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAC204C8-1A5A-4E85-824E-DC9B8F6A802D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8E1073F-D374-4311-8F12-AD8C72FAA293\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAF5AF71-15DF-4151-A1CF-E138A7103FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F80A72-AD54-4699-B8AE-82715F0B58E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E505C0B1-2119-4C6A-BF96-C282C633D169\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9354B6A2-D7D6-442E-BF4C-FE8A336D9E94\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088C0323-683A-44F5-8D42-FF6EC85D080E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CB4002-7636-4382-B33E-FBA060A13C34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-x\\\\/xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915EF8F6-6039-4DD0-B875-30D911752B74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CEBF73-3EE0-459A-86C5-F8F6243FE27C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97217080-455C-48E4-8CE1-6D5B9485864F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D2C4C3-65CE-4612-A027-AF70CEFC3233\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57572E4A-78D5-4D1A-938B-F05F01759612\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2\\\\(7\\\\)\",\"matchCriteriaId\":\"EEB32D2E-AD9D-44A0-AEF7-689F7D2605C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\\\\(1\\\\)\",\"versionEndExcluding\":\"10.3\\\\(5\\\\)\",\"matchCriteriaId\":\"0A236A0A-6956-4D79-B8E5-B2D0C79FAE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\\\\(1\\\\)\",\"versionEndExcluding\":\"10.4\\\\(2\\\\)\",\"matchCriteriaId\":\"BE71D34C-227A-4789-BA4D-79E5FDE311DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD9C1F1-8582-4F67-A77D-97CBFECB88B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"532CE4B0-A3C9-4613-AAAF-727817D06FB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24CA1A59-2681-4507-AC74-53BD481099B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4283E433-7F8C-4410-B565-471415445811\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9147C9-5D8B-40F5-9AAA-66A3495A0AD8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB9FDE8-8533-4F65-BF32-4066D042B2F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F80AB6FB-32FD-43D7-A9F1-80FA47696210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA5389A-8AD1-476E-983A-54DF573C30F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B2E4C1-2627-4B9D-8E92-4B483F647651\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B1A8F1-45B1-4E64-A254-7191FA93CB6D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83DA8BFA-D7A2-476C-A6F5-CAE610033BC2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"557ED31C-C26A-4FAE-8B14-D06B49F7F08B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11411BFD-3F4D-4309-AB35-A3629A360FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB2FFD26-8255-4351-8594-29D2AEFC06EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E663DE91-C86D-48DC-B771-FA72A8DF7A7C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E10975-B47E-4F4D-8096-AEC7B7733612\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A90184B3-C82F-4CE5-B2AD-97D5E4690871\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40E40F42-632A-47DF-BE33-DC25B826310B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C67B7A6-9BB2-41FC-8FA3-8D0DF67CBC68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C64136-89C2-443C-AF7B-BED81D3DE25A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBEF7F26-BB47-44BD-872E-130820557C23\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DE6F63-2C7D-415B-8C34-01EC05C062F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"182000E0-8204-4D8B-B7DE-B191AFE12E28\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423E45D-A6DD-4305-9C6A-EAB26293E53A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDC208BC-7E19-48C6-A20E-A79A51B7362C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102F91CD-DFB6-43D4-AE5B-DA157A696230\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E952A96A-0F48-4357-B7DD-1127D8827650\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"084D0191-563B-4FF0-B589-F35DA118E1C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB6FC5-762A-4F16-AE8C-69330EFCF640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D81F1-8B12-4474-9060-B4934D8A3873\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5394DE31-3863-4CA9-B7B1-E5227183100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968390BC-B430-4903-B614-13104BFAE635\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7349D69B-D8FA-4462-AA28-69DD18A652D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4BB834-2C00-4384-A78E-AF3BCDDC58AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE49B45-F2E9-491D-9C29-1B46E9CE14E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFAD21E-59EE-4CCE-8F1E-621D2EA50905\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91231DC6-2773-4238-8C14-A346F213B5E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF88547-BAF4-47B0-9F60-80A30297FCEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C3CE6D-BD54-48B1-A188-8E53DA001424\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"498991F7-39D6-428C-8C7D-DD8DC72A0346\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113772B6-E9D2-4094-9468-3F4E1A87D07D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B90D36-5124-4669-8462-4EAF35B0F53D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45A38D6-BED6-4FEF-AD87-A1E813695DE0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC2B1F-232E-4754-8076-CC82F3648730\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1127D2-12C0-454F-91EF-5EE334070D06\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6EB963-E0F2-4A02-8765-AB2064BE19E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"785FD17C-F32E-4042-9DDE-A89B3AAE0334\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAAF99B-5406-4722-81FB-A91CBAC2DF41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73DC1E93-561E-490C-AE0E-B02BAB9A7C8E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF467E2-4567-426E-8F48-39669E0F514C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63842B25-8C32-4988-BBBD-61E9CB09B4F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EA1FEF-B6B6-49FE-A0A4-5387F76303F8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D6DB7F-C025-4971-9615-73393ED61078\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4364ADB9-8162-451D-806A-B98924E6B2CF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53BCB42-ED61-4FCF-8068-CB467631C63C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"737C724A-B6CD-4FF7-96E0-EBBF645D660E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7067AEC7-DFC8-4437-9338-C5165D9A8F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E0371B-FDE2-473C-AA59-47E1269D050F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489D11EC-5A18-4F32-BC7C-AC1FCEC27222\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D4CF15-B293-4403-A1A9-96AD3933BAEF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBCC1515-2DBE-4DF2-8E83-29A869170F36\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC5293E-F2B4-46DC-85DA-167EA323FCFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7282AAFF-ED18-4992-AC12-D953C35EC328\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA022E77-6557-4A33-9A3A-D028E2DB669A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360409CC-4172-4878-A76B-EA1C1F8C7A79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8D5D5E2-B40B-475D-9EF3-8441016E37E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA8E1F0-74A6-4725-B6AA-A1112EFC5D0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BE0266-1C00-4D6A-AD96-7F82532ABAA7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73F59A4B-AE92-4533-8EDC-D1DD850309FF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492A2C86-DD38-466B-9965-77629A73814F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB7AA46-4018-4925-963E-719E1037F759\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B9D1E4-10B9-4B6F-B848-D93ABF6486D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_a\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB270C45-756E-400A-979F-D07D750C881A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A085C-2DBA-4269-AB01-B16019FBB4DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500_supervisor_b\\\\+:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79DD582-AF68-44F1-B640-766B46EF2BE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04484DA-AA59-4833-916E-6A8C96D34F0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768BE390-5ED5-48A7-9E80-C4DE8BA979B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07B5399-44C7-468D-9D57-BB5B5E26CE50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2F709-AFBE-48EA-A3A2-DA1134534FB6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76FB64F-16F0-4B0B-B304-B46258D434BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E02DC82-0D26-436F-BA64-73C958932B0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E128053-834B-4DD5-A517-D14B4FC2B56F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163743A1-09E7-4EC5-8ECA-79E4B9CE173B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE340E4C-DC48-4FC8-921B-EE304DB5AE0A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C367BBE0-D71F-4CB5-B50E-72B033E73FE1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85E1D224-4751-4233-A127-A041068C804A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD31B075-01B1-429E-83F4-B999356A0EB9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3284D16F-3275-4F8D-8AE4-D413DE19C4FA\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/10/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/grpc/grpc/releases/tag/v1.59.2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/13/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/18/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/19/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/20/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://blog.vespa.ai/cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1216123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/Azure/AKS/issues/3947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/Kong/kong/discussions/11741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-vx74-f528-fxqg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/akka/akka-http/issues/4323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/alibaba/tengine/issues/1872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/apisix/issues/10320\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd-site/pull/10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/trafficserver/pull/10564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/bcdannyboy/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/issues/5877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/dotnet/announcements/issues/277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/eclipse/jetty.project/issues/10679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/envoyproxy/envoy/pull/30055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/etcd-io/etcd/issues/16740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/facebook/proxygen/pull/466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/golang/go/issues/63417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/grpc/grpc-go/pull/6703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/pull/3291\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/haproxy/haproxy/issues/2312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/junkurihara/rust-rpxy/issues/97\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kazu-yamamoto/http2/issues/93\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/pull/121120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/line/armeria/pull/5232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/micrictor/http2-rst-stream\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/microsoft/CBL-Mariner/pull/6381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/pull/1961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ninenines/cowboy/issues/1615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/nodejs/node/pull/50121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/openresty/openresty/issues/930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/opensearch-project/data-prepper/issues/3474\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/oqtane/oqtane.framework/discussions/3367\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/projectcontour/contour/pull/5826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/tempesta-tech/tempesta/issues/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/varnishcache/varnish-cache/issues/3996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://istio.io/latest/news/security/istio-security-2023-004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://my.f5.com/manage/s/article/K000137106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://netty.io/news/2023/10/10/4-1-100-Final.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830987\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37830998\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Press/Media Coverage\"]},{\"url\":\"https://news.ycombinator.com/item?id=37831062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=37837043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231016-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240426-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/10/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/nodejs/node/pull/50121\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/go/issues/63417\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/line/armeria/pull/5232\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openresty/openresty/issues/930\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/apache/apisix/issues/10320\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/6\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:08:27.383Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SINEC NMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-832273.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-341067.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-784301.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-44487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-23T20:34:21.334116Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*\"], \"vendor\": \"ietf\", \"product\": \"http\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-10T00:00:00.000Z\", \"value\": \"CVE-2023-44487 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-16T18:31:22.372Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73\"}, {\"url\": \"https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/\"}, {\"url\": \"https://aws.amazon.com/security/security-bulletins/AWS-2023-011/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack\"}, {\"url\": \"https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\"}, {\"url\": \"https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/\"}, {\"url\": \"https://news.ycombinator.com/item?id=37831062\"}, {\"url\": \"https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/\"}, {\"url\": \"https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack\"}, {\"url\": \"https://github.com/envoyproxy/envoy/pull/30055\"}, {\"url\": \"https://github.com/haproxy/haproxy/issues/2312\"}, {\"url\": \"https://github.com/eclipse/jetty.project/issues/10679\"}, {\"url\": \"https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/pull/1961\"}, {\"url\": \"https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61\"}, {\"url\": \"https://github.com/alibaba/tengine/issues/1872\"}, {\"url\": \"https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830987\"}, {\"url\": \"https://news.ycombinator.com/item?id=37830998\"}, {\"url\": \"https://github.com/caddyserver/caddy/issues/5877\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/\"}, {\"url\": \"https://github.com/bcdannyboy/CVE-2023-44487\"}, {\"url\": \"https://github.com/grpc/grpc-go/pull/6703\"}, {\"url\": \"https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244\"}, {\"url\": \"https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0\"}, {\"url\": \"https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html\"}, {\"url\": \"https://my.f5.com/manage/s/article/K000137106\"}, {\"url\": \"https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/\"}, {\"url\": \"https://bugzilla.proxmox.com/show_bug.cgi?id=4988\"}, {\"url\": \"https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/7\", \"name\": \"[oss-security] 20231010 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/10/6\", \"name\": \"[oss-security] 20231010 CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected\"}, {\"url\": \"https://github.com/microsoft/CBL-Mariner/pull/6381\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo\"}, {\"url\": \"https://github.com/facebook/proxygen/pull/466\"}, {\"url\": \"https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088\"}, {\"url\": \"https://github.com/micrictor/http2-rst-stream\"}, {\"url\": \"https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve\"}, {\"url\": \"https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/\"}, {\"url\": \"https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf\"}, {\"url\": \"https://github.com/h2o/h2o/pull/3291\"}, {\"url\": \"https://github.com/nodejs/node/pull/50121\"}, {\"url\": \"https://github.com/dotnet/announcements/issues/277\"}, {\"url\": \"https://github.com/golang/go/issues/63417\"}, {\"url\": \"https://github.com/advisories/GHSA-vx74-f528-fxqg\"}, {\"url\": \"https://github.com/apache/trafficserver/pull/10564\"}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487\"}, {\"url\": \"https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14\"}, {\"url\": \"https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/10/10/6\"}, {\"url\": \"https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\"}, {\"url\": \"https://github.com/opensearch-project/data-prepper/issues/3474\"}, {\"url\": \"https://github.com/kubernetes/kubernetes/pull/121120\"}, {\"url\": \"https://github.com/oqtane/oqtane.framework/discussions/3367\"}, {\"url\": \"https://github.com/advisories/GHSA-xpw8-rcwv-8f8p\"}, {\"url\": \"https://netty.io/news/2023/10/10/4-1-100-Final.html\"}, {\"url\": \"https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487\"}, {\"url\": \"https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/\"}, {\"url\": \"https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack\"}, {\"url\": \"https://news.ycombinator.com/item?id=37837043\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/issues/93\"}, {\"url\": \"https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html\"}, {\"url\": \"https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1\"}, {\"url\": \"https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5522\", \"name\": \"DSA-5522\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5521\", \"name\": \"DSA-5521\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-44487\"}, {\"url\": \"https://github.com/ninenines/cowboy/issues/1615\"}, {\"url\": \"https://github.com/varnishcache/varnish-cache/issues/3996\"}, {\"url\": \"https://github.com/tempesta-tech/tempesta/issues/1986\"}, {\"url\": \"https://blog.vespa.ai/cve-2023-44487/\"}, {\"url\": \"https://github.com/etcd-io/etcd/issues/16740\"}, {\"url\": \"https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event\"}, {\"url\": \"https://istio.io/latest/news/security/istio-security-2023-004/\"}, {\"url\": \"https://github.com/junkurihara/rust-rpxy/issues/97\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1216123\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2242803\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-44487\"}, {\"url\": \"https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125\"}, {\"url\": \"https://github.com/advisories/GHSA-qppj-fm5r-hxr3\"}, {\"url\": \"https://github.com/apache/httpd-site/pull/10\"}, {\"url\": \"https://github.com/projectcontour/contour/pull/5826\"}, {\"url\": \"https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632\"}, {\"url\": \"https://github.com/line/armeria/pull/5232\"}, {\"url\": \"https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/\"}, {\"url\": \"https://security.paloaltonetworks.com/CVE-2023-44487\"}, {\"url\": \"https://github.com/akka/akka-http/issues/4323\"}, {\"url\": \"https://github.com/openresty/openresty/issues/930\"}, {\"url\": \"https://github.com/apache/apisix/issues/10320\"}, {\"url\": \"https://github.com/Azure/AKS/issues/3947\"}, {\"url\": \"https://github.com/Kong/kong/discussions/11741\"}, {\"url\": \"https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487\"}, {\"url\": \"https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/\"}, {\"url\": \"https://github.com/caddyserver/caddy/releases/tag/v2.7.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html\", \"name\": \"[debian-lts-announce] 20231013 [SECURITY] [DLA 3617-1] tomcat9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/4\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/13/9\", \"name\": \"[oss-security] 20231013 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/\"}, {\"url\": \"https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/\", \"name\": \"FEDORA-2023-ed2642fd58\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3621-1] nghttp2 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231016-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html\", \"name\": \"[debian-lts-announce] 20231016 [SECURITY] [DLA 3617-2] tomcat9 regression update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/4\", \"name\": \"[oss-security] 20231018 Vulnerability in Jenkins\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/18/8\", \"name\": \"[oss-security] 20231018 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/19/6\", \"name\": \"[oss-security] 20231019 CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/\", \"name\": \"FEDORA-2023-54fadada12\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/\", \"name\": \"FEDORA-2023-5ff7bf1dd8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/20/8\", \"name\": \"[oss-security] 20231020 Re: CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/\", \"name\": \"FEDORA-2023-17efd3f2cd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/\", \"name\": \"FEDORA-2023-d5030c983c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/\", \"name\": \"FEDORA-2023-0259c3f26f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/\", \"name\": \"FEDORA-2023-2a9214af5f\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/\", \"name\": \"FEDORA-2023-e9c04d81c1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/\", \"name\": \"FEDORA-2023-f66fc0f62a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/\", \"name\": \"FEDORA-2023-4d2fd884ea\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/\", \"name\": \"FEDORA-2023-b2c50535cb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"name\": \"FEDORA-2023-fe53e13b5b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"name\": \"FEDORA-2023-4bf641255e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html\", \"name\": \"[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5540\", \"name\": \"DSA-5540\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html\", \"name\": \"[debian-lts-announce] 20231031 [SECURITY] [DLA 3638-1] h2o security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/\", \"name\": \"FEDORA-2023-1caffb88af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/\", \"name\": \"FEDORA-2023-3f70b8d406\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/\", \"name\": \"FEDORA-2023-7b52921cae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/\", \"name\": \"FEDORA-2023-7934802344\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/\", \"name\": \"FEDORA-2023-dbe64661af\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"name\": \"FEDORA-2023-822aab0a5a\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html\", \"name\": \"[debian-lts-announce] 20231105 [SECURITY] [DLA 3645-1] trafficserver security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5549\", \"name\": \"DSA-5549\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/\", \"name\": \"FEDORA-2023-c0c6a91330\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/\", \"name\": \"FEDORA-2023-492b7be466\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5558\", \"name\": \"DSA-5558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html\", \"name\": \"[debian-lts-announce] 20231119 [SECURITY] [DLA 3656-1] netty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"name\": \"GLSA-202311-09\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5570\", \"name\": \"DSA-5570\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240426-0007/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0006/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0007/\"}, {\"url\": \"https://github.com/grpc/grpc/releases/tag/v1.59.2\"}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-06-07T20:05:34.376Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-44487\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T10:52:23.784Z\", \"dateReserved\": \"2023-09-29T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-10-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2023:6044
Vulnerability from csaf_redhat - Published: 2023-10-23 19:21 - Updated: 2026-02-03 02:59Summary
Red Hat Security Advisory: Cost Management security update
Severity
Important
Notes
Topic: An update for costmanagement-metrics-operator-bundle-container and costmanagement-metrics-operator-container is now available for Cost Management for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64 | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for costmanagement-metrics-operator-bundle-container and costmanagement-metrics-operator-container is now available for Cost Management for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6044",
"url": "https://access.redhat.com/errata/RHSA-2023:6044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6044.json"
}
],
"title": "Red Hat Security Advisory: Cost Management security update",
"tracking": {
"current_release_date": "2026-02-03T02:59:37+00:00",
"generator": {
"date": "2026-02-03T02:59:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2023:6044",
"initial_release_date": "2023-10-23T19:21:34+00:00",
"revision_history": [
{
"date": "2023-10-23T19:21:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T19:21:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T02:59:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cost Management for RHEL 8",
"product": {
"name": "Cost Management for RHEL 8",
"product_id": "8Base-costmanagement",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cost_management:1::el8"
}
}
}
],
"category": "product_family",
"name": "Cost Management"
},
{
"branches": [
{
"category": "product_version",
"name": "costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"product": {
"name": "costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"product_id": "costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73?arch=amd64\u0026repository_url=registry.redhat.io/costmanagement/costmanagement-metrics-operator-bundle\u0026tag=3.0.1-1"
}
}
},
{
"category": "product_version",
"name": "costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64",
"product": {
"name": "costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64",
"product_id": "costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09?arch=amd64\u0026repository_url=registry.redhat.io/costmanagement/costmanagement-metrics-rhel8-operator\u0026tag=3.0.1-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64 as a component of Cost Management for RHEL 8",
"product_id": "8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64"
},
"product_reference": "costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"relates_to_product_reference": "8Base-costmanagement"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64 as a component of Cost Management for RHEL 8",
"product_id": "8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
},
"product_reference": "costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64",
"relates_to_product_reference": "8Base-costmanagement"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
],
"known_not_affected": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T19:21:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6044"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
],
"known_not_affected": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T19:21:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6044"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-costmanagement:costmanagement/costmanagement-metrics-operator-bundle@sha256:afcee273a058fa1ac7643271ee775bdc1ca5d765f0ea36af3b3a6633d9fcbd73_amd64",
"8Base-costmanagement:costmanagement/costmanagement-metrics-rhel8-operator@sha256:d5f91b20b8f00e42bfe1f2a24910d3ea56a820bc5814307c0c7fc85dfb103e09_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6048
Vulnerability from csaf_redhat - Published: 2023-10-23 20:24 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: ACS 4.2 enhancement and security update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of RHACS 4.2.2 includes fixes for the following security
vulnerabilities:
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
It contains the following bug fixes and changes:
* Previously, Red Hat OpenShift Container Platform customers using the downloaded manifest bundle with automatic upgrades enabled found that Sensor did not automatically upgrade, and failed with a `PRE_FLIGHT_CHECKS_FAILED` error. This issue has been fixed. (ROX-19955)
* RHACS 4.2.2 includes a new default policy called "Rapid Reset: Denial of
Service Vulnerability in HTTP/2 Protocol". This policy alerts on
deployments with images containing components that are susceptible to a
Denial of Service (DoS) vulnerability for HTTP/2 servers, based on
CVE-2023-44487 and CVE-2023-39325. This policy applies to the build or
deploy life cycle stage.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.2.2 includes fixes for the following security\nvulnerabilities:\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nIt contains the following bug fixes and changes:\n\n* Previously, Red Hat OpenShift Container Platform customers using the downloaded manifest bundle with automatic upgrades enabled found that Sensor did not automatically upgrade, and failed with a `PRE_FLIGHT_CHECKS_FAILED` error. This issue has been fixed. (ROX-19955)\n\n* RHACS 4.2.2 includes a new default policy called \"Rapid Reset: Denial of\nService Vulnerability in HTTP/2 Protocol\". This policy alerts on\ndeployments with images containing components that are susceptible to a\nDenial of Service (DoS) vulnerability for HTTP/2 servers, based on\nCVE-2023-44487 and CVE-2023-39325. This policy applies to the build or\ndeploy life cycle stage.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6048",
"url": "https://access.redhat.com/errata/RHSA-2023:6048"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_security_for_kubernetes/4.2/html/release_notes/release-notes-42",
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_security_for_kubernetes/4.2/html/release_notes/release-notes-42"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-39325",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6048.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.2 enhancement and security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:47+00:00",
"generator": {
"date": "2026-06-19T19:32:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6048",
"initial_release_date": "2023-10-23T20:24:48+00:00",
"revision_history": [
{
"date": "2023-10-23T20:24:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T20:24:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.2 for RHEL 8",
"product": {
"name": "RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.2-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.2-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.2-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.2-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.2-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.2-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.2-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64 as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"relates_to_product_reference": "8Base-RHACS-4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x as a component of RHACS 4.2 for RHEL 8",
"product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x",
"relates_to_product_reference": "8Base-RHACS-4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T20:24:48+00:00",
"details": "If you are using an earlier version of RHACS 4.2, you are advised to upgrade to patch release 4.2.2.",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6048"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T20:24:48+00:00",
"details": "If you are using an earlier version of RHACS 4.2, you are advised to upgrade to patch release 4.2.2.",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6048"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:8f37c6215c27e7231546a97987b471bae5f3f5cd7458989cc9f032d7429ce9a5_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:925bdf348da6851a2f0efd903ce3061b7d0ed7b17dee8aa76e4e3d75f0b28150_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f2fad967d9f9d6f8e8b9dbec3e2a581a43b64f02fdc584750e206674d655dd5f_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:0fc1a13e6960e5077ae351cd6f12c65cc06fb9526dc9261eed98345e7b9a98c0_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:7f5898e7d868865d56b91f81d314bdc41a265e177f741dd05d4a9dc3b74d54bb_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:f591a221d2dbe643b6d975d1a2e9b9289173e2e845a838ab850debe20c957f11_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0572022184db58987b3abb065f0abac5368d7163d671e287151986a4b18898cf_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:13315f5c0db23887865ac2d310bd33b6258ac409d185209656531bc0b1fa0b2a_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2844fcd4aa1aa285fffd24d0d07bd0e23b0927236d8d52ca51dafe3f06724850_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:638b97de5d0f42e63a75764430801f8c6cca99994b82a1741efb9e8a5fca34d2_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:f92ebfda68d49b1d0460cda21d8ccb4b5c9c88224b85e0aca9c2f6c29e195445_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:fd758a96e8b07884a9ecd9e3b948889bb9004af3fbe6a370b6f54baed179797c_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:48fa08e690f9b2fbbde8fada15c9b124eb1fca868040369a73c98b95a9eff301_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:75148e16a364e4f67ecb8e914fc16b7ca4112c4e844b0d361a3feb88468f1215_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:9a029334191c6b5b15df35e1959b2860da68ac3673ef8009bd54189e685a3b03_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:103b5cd32930836320eea0b28532ff9160cea7b02ddbb6af47df7433f7bb47c4_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:31d38c18be2020f49c28dee55ca92fd14237c6b9e3f54d7b0d6f1ded0ed4c372_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:772b19a562fe52c709532b487233cfbfa8cee16f12da309fd4432df04792f32c_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9e05ce576af3755eb9db6b38c01bd851b2335f4cbd116338ebcac4e3ed6a1ab0_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fab7366274d9d9d903ecc42bbb0219954481eb2a9a43cbb046df9f31f522c4b4_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fec8341ce138808c01cb45838a6e494bf99d079a5009b622a8e4b0f3c1beee48_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1dc2e9076e32731506a39472bd045f90474f22a7a2fb0c0dbeca2942c4e8b06a_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3b6df0593ce67833341a1ba58571753dbd20edc28490cf5647ea4f3d3a36c33e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4b386c2c2343fa09a4f71d4f7481b0e8daf7fcb3a3a710ff9f7c0e492070f156_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:62f346b0b81423603f6804de7938106653dc6fed6c22d9660426869cdbbda0ed_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:790f6345dc5a23855b2c3a2f0f1b07d6590659b8ff377833ce4d82f681056275_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:89ca3042eb40d7bf4ea2658e1a9f39cd507d71d469d927f48e5a36f64eff98cb_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d6df1627b7cbbe659afdc40c395fd8fe85f237bdc58fc86bb589ca8a5995141_s390x",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2ed5dd9abad665d668416feda3ad4bf8631a083fe4616e502245bdd679388687_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:fb3a7a2124196239fefe325f45132797d2bb4795de89a26e78a53ff8e0d9094e_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2d39a1d54058d0bb181afc9218ee65698f572f3aa6c67c9cc058b23ea68cf32e_ppc64le",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3e0076d3574ecf23354a340f808926c4dc9e338920daa83085764c0f2a092025_amd64",
"8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4bc615a0954e2514c7266a639bcf0dedc290cf8d464738143ce73a5711e9dd66_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6057
Vulnerability from csaf_redhat - Published: 2023-10-23 21:13 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: toolbox security update
Severity
Critical
Notes
Topic: An update for toolbox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for toolbox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6057",
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6057.json"
}
],
"title": "Red Hat Security Advisory: toolbox security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:47+00:00",
"generator": {
"date": "2026-06-19T19:32:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6057",
"initial_release_date": "2023-10-23T21:13:36+00:00",
"revision_history": [
{
"date": "2023-10-23T21:13:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:13:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.src",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.src",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-4.el9_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product_id": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-4.el9_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-4.el9_0.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:13:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:13:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6057"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.src",
"AppStream-9.0.0.Z.EUS:toolbox-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debuginfo-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-debugsource-0:0.0.99.3-4.el9_0.x86_64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.aarch64",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.ppc64le",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.s390x",
"AppStream-9.0.0.Z.EUS:toolbox-tests-0:0.0.99.3-4.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6059
Vulnerability from csaf_redhat - Published: 2023-10-23 21:20 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.12.1 release and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Pipelines Client tkn for 1.12.1 has been released.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Pipelines Client, tkn for the 1.12.1 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.12.1
The tkn CLI tool is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines Client tkn for 1.12.1 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines Client, tkn for the 1.12.1 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.12.1\n\nThe tkn CLI tool is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6059",
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.13/cli_reference/tkn_cli/installing-tkn.html",
"url": "https://docs.openshift.com/container-platform/4.13/cli_reference/tkn_cli/installing-tkn.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "SRVKP-3551",
"url": "https://issues.redhat.com/browse/SRVKP-3551"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6059.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.12.1 release and security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:48+00:00",
"generator": {
"date": "2026-06-19T19:32:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6059",
"initial_release_date": "2023-10-23T21:20:26+00:00",
"revision_history": [
{
"date": "2023-10-23T21:20:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:20:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product_id": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client@1.12.1-11260.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product_id": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-pipelines-client-redistributable@1.12.1-11260.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.src as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.src",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64"
},
"product_reference": "openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
},
"product_reference": "openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:20:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:20:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6059"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.src",
"8Base-PIPELINES-1.12:openshift-pipelines-client-0:1.12.1-11260.el8.x86_64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.aarch64",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.s390x",
"8Base-PIPELINES-1.12:openshift-pipelines-client-redistributable-0:1.12.1-11260.el8.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6061
Vulnerability from csaf_redhat - Published: 2023-10-23 21:57 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: Red Hat OpenShift Pipelines 1.12.1 release and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Pipelines 1.12.1 has been released.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat OpenShift Pipelines consists of:
- Tekton Pipelines 0.50.x
- Tekton Triggers 0.25.x
- ClusterTasks based on Tekton Catalog
- Tekton tkn CLI 0.32.x
- Tekton Operator 0.68.x
- Tekton Chains 0.17.x (GA)
- Tekton Hub 1.14.x (TP)
- Tekton Result 0.8.x (TP)
- Pipelines-as-Code 0.21.x (GA)
For more information, see the Release Notes on any one of the following platforms:
- Customer Portal: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/cicd/pipelines#op-release-notes-1-12_op-release-notes
- OpenShift documentation: https://docs.openshift.com/container-platform/4.13/cicd/pipelines/op-release-notes.html#op-release-notes-1-12_op-release-notes
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
100 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines 1.12.1 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat OpenShift Pipelines consists of:\n\n- Tekton Pipelines 0.50.x\n- Tekton Triggers 0.25.x\n- ClusterTasks based on Tekton Catalog\n- Tekton tkn CLI 0.32.x\n- Tekton Operator 0.68.x\n- Tekton Chains 0.17.x (GA)\n- Tekton Hub 1.14.x (TP)\n- Tekton Result 0.8.x (TP)\n- Pipelines-as-Code 0.21.x (GA)\n\nFor more information, see the Release Notes on any one of the following platforms:\n\n- Customer Portal: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.13/html/cicd/pipelines#op-release-notes-1-12_op-release-notes\n\n- OpenShift documentation: https://docs.openshift.com/container-platform/4.13/cicd/pipelines/op-release-notes.html#op-release-notes-1-12_op-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6061",
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/pipelines/1.12/about/understanding-openshift-pipelines.html",
"url": "https://docs.openshift.com/pipelines/1.12/about/understanding-openshift-pipelines.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "SRVKP-3550",
"url": "https://issues.redhat.com/browse/SRVKP-3550"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6061.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines 1.12.1 release and security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:48+00:00",
"generator": {
"date": "2026-06-19T19:32:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6061",
"initial_release_date": "2023-10-23T21:57:37+00:00",
"revision_history": [
{
"date": "2023-10-23T21:57:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-23T21:57:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.12.1-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.12.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.12.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.12.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.12.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.12.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.12.1-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.12.1-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64 as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le as a component of OpenShift Pipelines version 1.12 for RHEL 8",
"product_id": "8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:57:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nIf you selected the Automatic update strategy when you installed the Red Hat OpenShift Pipelines operator, the operator applies this update automatically. If you selected the Manual update strategy, use the OpenShift Container Platform web console to approve the update. For instructions about approving\nthe update, see:\n\nhttps://docs.openshift.com/container-platform/4.10/operators/admin/olm-upgrading-operators.html#olm-approving-pending-up[\u2026]e_olm-upgrading-operators",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-23T21:57:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nIf you selected the Automatic update strategy when you installed the Red Hat OpenShift Pipelines operator, the operator applies this update automatically. If you selected the Manual update strategy, use the OpenShift Container Platform web console to approve the update. For instructions about approving\nthe update, see:\n\nhttps://docs.openshift.com/container-platform/4.10/operators/admin/olm-upgrading-operators.html#olm-approving-pending-up[\u2026]e_olm-upgrading-operators",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6061"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:116359e30bc6aa61773d6963383760a54d65fbd8d4e519eec4509b69852e95ea_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:2ea77b758529e064dae4d1bcd5b326138f86735e216d1306a4e2c7cac00f3134_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:4318a47d134f0fbcac0fe68cde31efc05e7aeb8a197cfdd13a58b848aa7d227f_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:797342f67fd5fa305ccb10b07085e10c65ad58bf6c95c94af139ca44c537cb17_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:0a1cc1b6df16a7b94075369909bba6aa136028ead28cc147ca2cba04875a7868_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:1aa2ec69df67db06e4240b27f9509a367ab030df653629a6537508e22a6576e5_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:28262e80e10cb265b53d79e85244febb7f3b484be32d4ce7b745bbd461e2d826_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:3d3f6bb7ffa163cffb3cbaebb83f40838a53b3f12a4a0f150ce7e675707c5952_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:1575c6566d0eef999fa2fb98d32213b5f7c330a2b994af4fbd50d5f7351e2c03_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:287e63d390d671f26744ce8777bcc32462263b01b498dd227b83532462714c29_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:61e2e3822dc0709407ee493c5cb7feeb65d0ae797faead9513bde74eb4f39be1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-controller-rhel8@sha256:dff11111aa116706c4805c8480f5a12058ed59b2776858b19c0e01168d01cc14_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:0f40a29b561a9993cbfec7cd708b074e589954af0a428e52c20c44ff210f986b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:669b7e4241129e9336c23da8fd8ebeed5464d65945ee284e7131d48da99890b4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2d8abd9ad6bfafa84ece67b548aa2942ba1779ce1fda438279ac63b60896776_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:e886d5ebad7ac27623069fe464c908a26b1beeaadc8ec57f6612e2b508846ead_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:3e0d44dc4552aa6612d32646a902d5752dc057415ff27c6929b2aa49bffbef4e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:7e82a4f854a86bc651071c87627d21af96e626ed33337b2578fe57fee89468c2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8b4611e27d99bde9fb579a1bc8721ab6d52f17bfb81f2454434c5ed19a98a2ea_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-events-rhel8@sha256:8de8684a69b587d1f065d6078e81a3e5341ff21c485ceaac6383aa8c517fe0b3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:07586965cffa016dafc2847be858c8587abff1fedbf2b2df748cd58514e3ef4b_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:38af85bccd58ac63b36c8e9a2ef3b06f26d6a4759827f4e5cbeb1b659a820bde_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:9a78ad10c41dc3a256b8fcef61effd6789ca7725c33fb49f92f8dd39bc82173b_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-git-init-rhel8@sha256:f9f11063dce92b9dde7616b7fe994d91e19d3b4cc50aa36d003fb658c2efaffd_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:346f87d202160ba458f93207b0c66bfef3b8203d9aa48c47677c64a9ff9467d8_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38ddec97f08a0bc1ff1e463a571ab62489dc938ed16ad1c3dd2c4b41139a8a90_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:5790386713432c09382d7acbbaf603a95c7098fb2f6af9f88822ce50c5af0760_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-api-rhel8@sha256:d023f432d3bce3f5706b1b909ea8a8d36a4c370f0fcf50ee9e648b7f4fb095bc_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:2beb349996a33481911d905a899be11b59d5cd4c3a16f7c37f0fc67eb1ae090b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4a33269cee36726cf553107faaff19fa1115cd35e4965a5a698f721a0631729f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4ede517f844b45e55a4a8487c754bbb9a2946a34573e844a12a9dd2f053f684e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:e6035115e3a393125d5ca8ac648a88a662824e24a97fc051f72a80849756a9d2_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0850cb1af40ab81ba7b9e5bbd569621694aabd6b28e3ba6160d270308e5fe6be_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:cf39fd2b6d5e209781c2bb329f907c76b2263b45d24af84f538a2721d4610d56_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:dd0fb9390ecb2e23f61b57bfe3fb896596b57a5cda963250cdbf0d145a536a86_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:e8922f4d8c9d92d3a9aaf7e62ad135c07d5e908be6ee30ca04fc29da897dfea0_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:291d7da532c7d33b345bb801f3c38f80be5cf35b99c9be47e0666be69a3244da_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:487cc30c2c670aba327b729db1299f483e047b607db676b5a3ee706849831bda_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:62eaf79892ebf6f8873d89f511b87d398f8f742b4f139f959a2e3f7ba99cc280_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-nop-rhel8@sha256:d38def1b0a62fdd49f40d785e6efc6f1ee73b6e0bdb0b98f98dd73696498488d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:115e99b0799fc6e0d3a14e6f1656e922111444fc23f08be11bedbec83dc86cc3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:474120a685ba41e91084a1631621418cd57c65f987981436e4e3bff31d5f402f_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:91517f7e8fe93b57650d307a7e78b82a6f70107460bb667dd7b850a6cdd6deb1_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-bundle@sha256:d2909feede4924df75047a0c0c0a836b8b6efe4e0da083d1878fb2e7e0c23507_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:2f158c95e2018b79a8dbe9b5164bce3319182b84cef8859697e95b9aa1012c1a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:410eb6fa5b37835acaf5cea259e0a70163a4be87f54ba045ad24b5e2b7bd010e_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f4dfe1212cb6acdd76e883ef917c00e058f553ab04e2ed66912c9723bbcdfc59_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:f5b391696522945fa00a55977f2f7727452549309d923bc2a7e2608bcefdb7c9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:031e149e550685a213fef705dc71f0f830a0fd4be42afc70f6a89d8163acbcad_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:0ce510deaecb5fda9bea248cde60c5743d1e4094087e58f9a72de1b2597ab26a_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:6e926a41e998366d20ea5562f8b5a3662815907e0a066e875859947defc5b119_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:c4e2b44ae685e9cde43dcb8964337c81acf0e519f205d0366c8a0fb12cce075b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:0aa1ea10b71db84fb46127d81891cebb98fef546c45c276fefda79133992eaa3_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:4fc979e5d559ca2c88999f9e0289abbfd7abff4b17f6001349aacbb8db4765a4_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:5384a4a6adc017b2c522732e87b795349d0879d7d5ea2b7d11191b416701778b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:6049abe50510fb913fecb8828d6dd054a0ad2e9382920c78bc70c4e1030d5b50_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6777f3a06a187632435fe720a144dec4f7ed44f326f69d409ba41302fe145eb7_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:c5d326316813a458955aa99fe2db671797bfc9901089b053db657ec4c1b0a50e_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:e8509f0ed5a4230067a956c148ffd2cf1ea1d4a534bb76669f3b4488502ee0e1_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-resolvers-rhel8@sha256:f127289c8505ac6d184e5c4dd16d7ed4d450a7fd7a90e19aebe3ad4845d432b9_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:601d3c134545e442d69ef465c86c56147873f7e5ee55f75690a21814e1c9d24b_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:7a4c0a4be506ea572c4e92dcf982e512b457ac407e50f6e1918222e74e547998_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:8cf80131852b0286a1c37951aceeed4672c2b2ec79404e9d24ba6226aaf6e3d3_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-api-rhel8@sha256:da7c94fef6c13de426492f80bd0e6ffaeefbc7243a52c25a0b50b13409f27ca3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:13dc44a684a981c8443054577ba974e16cbf5c2250cf299b084363ff62cca4bf_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:364bd3b69dcd4e362daca5b28a2f663537db35491566600683b42baf65ae0a3b_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:919ce4d550a7c801c6770424fbc20af457284853b897e4d93026a2fa451ad985_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:b79cad87c2c29dfaa06921389a7f844a129f7ca565fc04d58db3a17ee6aed575_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:48403dc5bebb446bf2678fe5015282e30d1f9962d540395b0c4b9485367274ed_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:6431d010afbeecaa84dd29a5df6271ee886aed8df8f702d55b066858f4fa5510_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:9cb6891d5ed9bbe719b927b8c5bb1156fa37cf73cb539d2aedee7685dd95b8fa_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-rhel8-operator@sha256:f4838dc71f1c62782a67f4ae35e3a4cc72d11b10644491e461752140164f2570_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:0771070fdd2004d189c58feb9a0c62debed68985553570f1cc14d621f974e5cf_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:6ae9e91827c9c27aa908c07c956f233d6faaccd492d0966eee36ba086190c7d7_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:a9259b212e388a3648a5236a8597262e732a47c26b2040581dbb8f101dc226b4_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:c986e1df834c8862a80390f8a605647d3a6f50e5fc1a13c6d92d2a89477f057e_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f199873cd481ff2a4e57f42c4e2e5831a6d586ac2f784e7376fae437ea7dfa8_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:70eabeabda582b788dc35b38c56e346f1eb1e03e802122f3dbebc03a3fe10b48_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:9c5aed4e686d4a61a8dbc268117a54386c937e6d559c95cf9ac775e73a5da470_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ccba683724b61543d5d553aac65198f2d522f202d26a7950f54033099946ad2d_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:2dfdff7382bd8f605eae8be7a50d8c26bdb7288ad1872714cb6e699d6825a571_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:5627436ea299325eb23bfdf59eaad9b5278432a421746bfc2b790223723712c7_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:939d34be2719f922c797937f83c94a3f42c013766eb2e4cf4df9d7afc1d33993_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:e61d5775a496c35e97b5245bd4ad11ee67ecb0d1e65e2d155b51723d66ff2588_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:845db9b34b2ceb0a6a126796aba0f0368e6b028b0e472a278dec4626a2d07365_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a7f5864d2be8ed24e4e1edd517b9ba60a7f385aa556841dc4f1f19a9e37e8f69_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a8d7b2773ba0936d6ee1ddc8725771d113893195c1a3601464a72232b15207e2_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e75a24593e79a36d593ec3818573875898561b327f74ee96fc1dd5124f9f7a19_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8affee75c32087f61e1ecbe77ebd08269aa36d7ceaf5fb0ae1e9982f2488c39a_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:993b6cbb4990ee9355ce505aac2882a72481fa6a8c1bdb2114bd435167ae5fb3_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:ba3a8d4f2571f0c55391100c6616ab3d3c86a82a82bf82119a1714b61194517c_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:d99348b1b2ad44ee54043300389e534c54e85c7d3515148cccfc03abdef9ce00_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:9a3e514b0e95ebef02939fa92529647d82dcd6a4061c5d9483e376ddf454cc55_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:b08ad288721af271ade9a982fa00ac91de30784b5cf087fcc1a75857159a2c3c_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:bde79fe3e2cd0bf3142f41f7c804e97cdd88cb24ee34d60509fa83efc4877ecc_ppc64le",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-webhook-rhel8@sha256:fcacefc31f869dcb0287a54eeafcb4a44db8c13697ed486f2fcb5b3aa6b47041_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:0ab99cc4f6f684aac86b57d6fb7c18eefac5f8dae1c9663f4903ca6f88baf6ed_s390x",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:26fb9b49f33fda7c7fa68a94db45210fa27119ac41376de9deef9af104bed059_amd64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:a8d7d8f7df1e2ea94bc4d221571bccd70c9f7d80955ba08b9281e2488e3c8752_arm64",
"8Base-PIPELINES-1.12:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:e2790658d28dd41417c69476daf1d3e6f6228ed73ed07bc20aed1c5d9ff382eb_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6077
Vulnerability from csaf_redhat - Published: 2023-10-24 12:18 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: toolbox security update
Severity
Moderate
Notes
Topic: An updated rhel9/toolbox container image is now available in the Red Hat container registry.
Details: The rhel9/toolbox container image can be used with Toolbox to obtain RHEL based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI.
This updates the rhel9/toolbox image in the Red Hat container registry.
To pull this container image, run one of the following commands:
podman pull registry.redhat.io/rhel9/toolbox (authenticated)
podman pull registry.access.redhat.com/ubi9/toolbox (unauthenticated)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Moderate
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated rhel9/toolbox container image is now available in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "The rhel9/toolbox container image can be used with Toolbox to obtain RHEL based containerized command line environments to aid with development and software testing. Toolbox is built on top of Podman and other standard container technologies from OCI.\n\nThis updates the rhel9/toolbox image in the Red Hat container registry.\n\nTo pull this container image, run one of the following commands:\n\n podman pull registry.redhat.io/rhel9/toolbox (authenticated)\n podman pull registry.access.redhat.com/ubi9/toolbox (unauthenticated)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6077",
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6077.json"
}
],
"title": "Red Hat Security Advisory: toolbox security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:49+00:00",
"generator": {
"date": "2026-06-19T19:32:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6077",
"initial_release_date": "2023-10-24T12:18:38+00:00",
"revision_history": [
{
"date": "2023-10-24T12:18:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T12:18:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.src",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.src",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-tests@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debugsource@0.0.99.3-10.el9_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product_id": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox-debuginfo@0.0.99.3-10.el9_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
},
"product_reference": "toolbox-tests-0:0.0.99.3-10.el9_2.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:18:38+00:00",
"details": "The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \"podman pull\" command.\n\nFor more information about the image, search the \u003cimage_name\u003e in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:18:38+00:00",
"details": "The container image provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \"podman pull\" command.\n\nFor more information about the image, search the \u003cimage_name\u003e in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6077"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.src",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debuginfo-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-debugsource-0:0.0.99.3-10.el9_2.x86_64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.aarch64",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.ppc64le",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.s390x",
"AppStream-9.2.0.Z.MAIN.EUS:toolbox-tests-0:0.0.99.3-10.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6079
Vulnerability from csaf_redhat - Published: 2023-10-24 12:55 - Updated: 2026-06-02 15:03Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.3 release and security update
Severity
Important
Notes
Topic: Red Hat Integration Camel for Spring Boot 3.20.3 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: A security update for 3.20.3 is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.3
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel for Spring Boot 3.20.3 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A security update for 3.20.3 is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6079",
"url": "https://access.redhat.com/errata/RHSA-2023:6079"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q4"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6079.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.3 release and security update",
"tracking": {
"current_release_date": "2026-06-02T15:03:48+00:00",
"generator": {
"date": "2026-06-02T15:03:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:6079",
"initial_release_date": "2023-10-24T12:55:58+00:00",
"revision_history": [
{
"date": "2023-10-24T12:55:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T12:55:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:03:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.20.3",
"product": {
"name": "RHINT Camel-Springboot 3.20.3",
"product_id": "RHINT Camel-Springboot 3.20.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.20.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T12:55:58+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHINT Camel-Springboot 3.20.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6079"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"RHINT Camel-Springboot 3.20.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.3"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6080
Vulnerability from csaf_redhat - Published: 2023-10-24 13:02 - Updated: 2026-06-02 15:03Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.1 release security update
Severity
Important
Notes
Topic: Red Hat Integration Camel for Spring Boot 4.0.1 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Integration Camel for Spring Boot 4.0.1 release and security update is now available.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 4.0.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:4.0.1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel for Spring Boot 4.0.1 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Integration Camel for Spring Boot 4.0.1 release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6080",
"url": "https://access.redhat.com/errata/RHSA-2023:6080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q4"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6080.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 4.0.1 release security update",
"tracking": {
"current_release_date": "2026-06-02T15:03:48+00:00",
"generator": {
"date": "2026-06-02T15:03:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:6080",
"initial_release_date": "2023-10-24T13:02:51+00:00",
"revision_history": [
{
"date": "2023-10-24T13:02:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T13:02:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T15:03:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 4.0.1",
"product": {
"name": "RHINT Camel-Springboot 4.0.1",
"product_id": "RHINT Camel-Springboot 4.0.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:4.0.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 4.0.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T13:02:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 4.0.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6080"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"RHINT Camel-Springboot 4.0.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 4.0.1"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6084
Vulnerability from csaf_redhat - Published: 2023-10-24 14:57 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: RHACS 3.74 enhancement and security update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes new features and bug fixes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of RHACS 3.74.7 includes fixes for the following security
vulnerabilities:
* golang: net/http, x/net/http2: rapid stream resets can cause excessive
work
(CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS
attack
(Rapid Reset Attack) (CVE-2023-44487)
* Various CVEs in containers for glibc security issues
A Red Hat Security Bulletin which addresses further details about this flaw
is
available in the References section.
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.
RHACS 3.74.7 includes a new default policy called "Rapid Reset: Denial of
Service
Vulnerability in HTTP/2 Protocol". This policy alerts on deployments with
images
containing components that are susceptible to a Denial of Service (DoS)
vulnerability for HTTP/2 servers, based on CVE-2023-44487 and
CVE-2023-39325.
This policy applies to the build or deploy life cycle stage.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le | — |
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes new features and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 3.74.7 includes fixes for the following security\nvulnerabilities:\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive\nwork\n(CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS\nattack\n(Rapid Reset Attack) (CVE-2023-44487)\n\n* Various CVEs in containers for glibc security issues\n\nA Red Hat Security Bulletin which addresses further details about this flaw\nis\navailable in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nRHACS 3.74.7 includes a new default policy called \"Rapid Reset: Denial of\nService\nVulnerability in HTTP/2 Protocol\". This policy alerts on deployments with\nimages\ncontaining components that are susceptible to a Denial of Service (DoS)\nvulnerability for HTTP/2 servers, based on CVE-2023-44487 and\nCVE-2023-39325.\nThis policy applies to the build or deploy life cycle stage.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6084",
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html",
"url": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6084.json"
}
],
"title": "Red Hat Security Advisory: RHACS 3.74 enhancement and security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:49+00:00",
"generator": {
"date": "2026-06-19T19:32:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6084",
"initial_release_date": "2023-10-24T14:57:00+00:00",
"revision_history": [
{
"date": "2023-10-24T14:57:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T14:57:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 3.74 for RHEL 8",
"product": {
"name": "RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.7-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.7-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.7-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.7-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.7-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T14:57:00+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.7.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T14:57:00+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.7.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6084"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4953938e00bf4114fa18e0520ccf20611686da2372615187e5c4f2fdfbb01e06_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4915dcdfd96742aa5ba9ca38d0de9938ce9c85f6fffa867c35427829ee7462f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f8fa778d169160543339202f870232b6b00a1d01347f4041565cae9acc910ea9_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:0ae622d315c3f3b23d76b7bc864c8b3d45d53db76a1fcc46d77be0c126bb93ea_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:623ece01f5d7af6844848879985ca0a9a50473cf3e3bb6f4923280948d9ff896_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:6246642e8ac76535613ae5758a0cbc1e408440de2ea2f8cc208c96d7266aac22_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:8c32a894305bb7fc0ac7ed37872a8dbb09f50c387bd7eb9c955c6cd11c9cf4fe_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:927d84e4c8b52de401106d5aa10605eee94ce911a9d8e81e0c41d3b8beb7c63a_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:e5bba2853add1a8dee9cd34a542b4baf82a50091a917c83b74ade4298528bd3e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0a7f042c6158dbc550e5f32ecbf5829ed925d2c9fdf30c1705ff4c3ce4bce077_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:729e49fb7cfe2bd21541b1e82ccbb77197285aa90486b0c1685379484a956dd9_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:95265ddc882b2548ed35ae247b283d0f25dce30a3904717396fe17c701d4eb81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:42a9acbb0b0a6db326b51044c7e9c99f7a89b5861ac706eab1595b34146b77c4_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:55bea5ed24d5fda12c5a6ac34a908da2c471937fb2c934df1188b806ab56d96e_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:b8aa66884d5fdfc0383d7a6fdf34418b2c55a00f441fa41a374ca405d7b3f068_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:2adb884147e473b17086eb7cd5462fdd4ab18e6bdc81cd81940001be4a5b67c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:373275fba75136a5735ce6a98b94f6b44fc6122d278fdc347f8a8c4740ebcf33_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:8dd2654d1e078941de8b8cbd1d9aa3348ff8893c35edb5c513116129eae74207_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:060f753e5e57904fd0b3cea1f47f5a45a300ba40c3de448dce04fc4857200127_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ad2b63ce031af12d8c31eb40652e324ea9cc5891624c4e1683c00d2948825c0f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:ce71c4526b7cd5d2bebf771b38e6ac61a12c5dabe3d0f9963e27245944f9e6db_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:83e47a2dc1741bb81aa566f2b310ef0bd47a43792bcca823cdb8ee293c3c3e82_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ad7c57277851a741e0bc2536f564e86b59be8377366f4b1b7ea79aaa662dc6fa_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b565441374903dafa3ee00f015cabdf3c16b282d143fb1c9c91dcd126697d71d_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:172711e18b4289efdda02b662beeaa6941f7b41a533410871c9505b76f6a4481_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:7c15e7d6064a4f45e6aabb8ff309bd0244ff789ee392815d85f2321a90917929_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:b0d4ba54ba1e9bf8afe640c9c5b2c5eed807c22423a75e39702c033e41c93229_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2468f097410bad3de5799b9d46801a04b4580a53d05498dcae37edf73c157826_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:8e8acf87581468fd98a97fe28438ea0146b3d8c2b12a322f5c63bf11b4588d81_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f2ebd7e0fba97e74519ce5e05c1a5205e5a76d72ae88e8c83d4722f1f8c8950b_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:2a7393086842c64287c32d7cc99ba498c53ec164b3309df59277fb1bef6bbbad_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:358e601cd9e79a86df7bc735fc593a707ad4fc4e14ed8f39131297a26fb282c3_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:668c8f074fd4b5ee1cd55f3f4b139965b570b0344e8e3b248cc0fecc14a7e4a6_ppc64le"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:6085
Vulnerability from csaf_redhat - Published: 2023-10-24 15:32 - Updated: 2026-06-19 19:32Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing security update
Severity
Important
Notes
Topic: An update is now available for Red Hat Openshift distributed tracing 2.9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)
* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)
* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)
* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)
* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.
6.5 (Medium)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.
5.3 (Medium)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
7.5 (High)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
7.5 (High)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Affected products
Fixed
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
68 references
Acknowledgments
GMO Cybersecurity by Ierae, Inc.
Takeshi Kaneko
Martin Seemann
Marten Seemann
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Openshift distributed tracing 2.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n\n* golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)\n\n* golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)\n\n* golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)\n\n* golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)\n\n* golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6085",
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6085.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing security update",
"tracking": {
"current_release_date": "2026-06-19T19:32:50+00:00",
"generator": {
"date": "2026-06-19T19:32:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2023:6085",
"initial_release_date": "2023-10-24T15:32:35+00:00",
"revision_history": [
{
"date": "2023-10-24T15:32:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-24T15:32:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-19T19:32:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 2.9",
"product": {
"name": "Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product_id": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product_id": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product_id": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product_id": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product_id": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product_id": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.47.1-10"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.47.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.81.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.81.1-3"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product": {
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product_id": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8\u0026tag=2.1.1-9"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product_id": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-rhel8\u0026tag=742e3d3-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product_id": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8\u0026tag=fe53f40-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product": {
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product_id": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-operator-bundle\u0026tag=0.3.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product": {
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product_id": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-rhel8-operator\u0026tag=0.3.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product": {
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product_id": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/tempo-query-rhel8\u0026tag=0.3.1-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64"
},
"product_reference": "rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64"
},
"product_reference": "rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64"
},
"product_reference": "rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le"
},
"product_reference": "rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le"
},
"product_reference": "rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64 as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x as a component of Red Hat OpenShift distributed tracing 2.9",
"product_id": "8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
},
"product_reference": "rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-29409",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228743"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying signatures, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29409"
},
{
"category": "external",
"summary": "RHBZ#2228743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409"
},
{
"category": "external",
"summary": "https://go.dev/cl/515257",
"url": "https://go.dev/cl/515257"
},
{
"category": "external",
"summary": "https://go.dev/issue/61460",
"url": "https://go.dev/issue/61460"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ",
"url": "https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1987",
"url": "https://pkg.go.dev/vuln/GO-2023-1987"
}
],
"release_date": "2023-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: slow verification of certificate chains containing large RSA keys"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw has been marked as moderate instead of high like NVD \nQUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message, while HandleData doesn\u0027t limit the amount of data it can buffer, a panic or denial of service would likely be lower severity,also in order to exploit this vulnerability, an attacker would have to smuggle partial handshake data which might be rejected altogether as per tls RFC specification.Therfore because of a lower severity denial of service and conditions that are beyond the scope of attackers control,we have marked this as moderate severity",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A vulnerability was found in the Go QUIC protocol implementation in the logic that processes post-handshake messages. It is an uncontrolled resource consumption flaw, triggered when a malicious connection sends data without an enforced upper bound. This leads to unbounded memory growth, causing the service to crash and resulting in a denial of service.The single-dimensional impact of denial of service and the added complexity of whether the resource exhaustion would happen, being out of an attacker\u0027s control,this has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-24T15:32:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6085"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:075e5a497bd37954221774f3b0e97a86f87bf9a8564a87fa8269b2acb01a5fdf_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:5667bbe8cdf5ef5b93fe2eb51af1b03ac25db50ee7f13a35e97c67968f70d9bc_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-agent-rhel8@sha256:b57f6bbb0fd714828d0b9bf4759a04cad8ba98db394dbb79d8a5a9d2c48a8383_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:21de0110a12e568d4fa9a814b1f3fb79b132be34770f795c6f43922a454bba34_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:3555c97e1edbc18ecc7ad756dae043a55215bcacd31e70a41c3e444a4b5bac98_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-all-in-one-rhel8@sha256:dd221ad03daa551a30a5b3631b9a489ab29147f4d0d380f317ee6e8999c5638f_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:20dfc6ffe41e4dceb854a2fa99cad5d6a9b48e8bfc51329fed767f47b7cb461f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:9551931c00cc1052ddb32310153352d56c70a50826c29bcee53fc048c6995399_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-collector-rhel8@sha256:a3224c5e1b39ca4a33f806a5930dd37304578420f382c43158ee290fffd21533_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:699727f91948e7a870cdae3f8d3cf88cdf1df934ea6c4e5e1a86467b7ea62da3_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:6c1435712a36384a562448ec972ac39378b1e976490146cda1c98b510c76d849_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:c53876745a6ae8a8ca6ec74d22f8cae148cf4b99e45c3efdcca323b6fbb4ad0e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:0b0b4bb1d943449bbfe99653eb918583b38e6e7fc9317653acf487bb33715fcf_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:8bfdcdb4432975726865d321037b600260c4df1b3a1811d1c85523d61e91bccc_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-es-rollover-rhel8@sha256:fbce2ceb4a0c5231823c931b87726b7a6a5e5f0c87ba93abad09acb11661a675_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:0d7c0ff5a6c0e645856e1550bfb8acea763d013e4b706b7da972094c26d8a3ba_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:27b6554e746eae26692298e78d623b3b7dc6ba53330c5e398beacd8d41512732_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-ingester-rhel8@sha256:498a6186790b5e8dc2ff8bc49f5a163a51b19ee36c5030b6ae44fd0c1dbe4139_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1a5c829466a50a4ed1b509fa83b1ffacb5290840e64c1f805e462c533a26c075_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:1bbbe479ae64cb639bde227e52bb60c55a855fed9109c0ba850e2b1474c8cf5d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-operator-bundle@sha256:f2ebe6b3b913ae5d0df0b985d4c2a93fc0f9dd90e97cdc2d39fdbb40a92c494a_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:40183936d78c62c1b34807bf21c6fa3570ab5a4c3fdcf2c708b6e2225addf88d_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:db25d6492ba18bf18fe8f63c86a9d565938da15c7c639b77d6b9285db0174094_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-query-rhel8@sha256:ebc33a6ada6c578e6b113bdfa3e0a9570f15e75cb3e87fa99a3ec23056d58f02_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:17b698d2b2bde4985346b6ffe28c4b0a71e0a6fec4937144aef5db4ca20f60e4_s390x",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:c3b11d9f4e98457310bd5a2a782ef02c85dabd0a97e954a5c385f648e168b9ba_amd64",
"8Base-RHOSDT-2.9:rhosdt/jaeger-rhel8-operator@sha256:e4722e3dbb65c43212e1f86bf5b24779879288a9044d57f2c33aed5baf1b2d33_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:97a23c3fdf791b59df6bc6e6f9311599ba2f3900aebe64ce4eaf8f77a7f76336_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:b9f94f8023b1e904e874ff67b5829c3c0e0a44aaeda6e88f8f34fa92d5f8a62c_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-collector-rhel8@sha256:d68e45ac3dd60f05aab018cba084ff93195bf9175ba642164cb062f7a4b9d71f_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9b88c187427bf315cc27690e22425000b87de35b40b04e566152eaf5319043c6_s390x",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:9de35e845d96684ca3009299dc5034742031f7632f839f877d812a243fd17f75_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-operator-bundle@sha256:dcfa33e5ff47f227e6a27d3babd88b02d269e96fc040eb0bc4301edd62dd404b_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:5a2e8e06addd84a2c83976a57b84187f8450f45244bd7174b0078d2b2d9e5635_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:b5f01804dc8b8e1b0cc179dc79aff1298fe29c2239d694fedf958adee7e27ec3_amd64",
"8Base-RHOSDT-2.9:rhosdt/opentelemetry-rhel8-operator@sha256:c940703247b04c520a51bf76f09a29eaa2e30d4e4d40db14f07e0ceba89eefbd_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:f39bf591bff322ca89eddc61dc1b8ed00b018ca0aac39228c3cc33368c9928e6_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:fc8a5757270970c2bcd42f659bdde3d9edebd0054cbd01541479c9aa51135cc8_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-opa-rhel8@sha256:ff6ebe99d093908235e41a3fc84a13ae4d4b647063d0a48925b5aaa0d3017724_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:4967482a0ef9ef89de4583d7ec9f6666e2334dacb099d5cb556f93f1118f5809_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:d5e00c9ebe3d8d4b009f1f6d7383d453ce9186e7e6ec1fc4c834b86461e831d9_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-gateway-rhel8@sha256:ec8e340dc736f5f1d8f0ac4f0b5d767660bbcdc96e2dbc48d8349f20c11e5c46_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:10394c478c148eaf171f328289b1bbec15b357bd1d5eb473abb31c2cd6cb5643_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:4fb7b99e4156f1c0e67708527ba6336fab647a717e6cad08dac93d191e820c70_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-operator-bundle@sha256:c54b08652dfdecd90c604e144e08da7eb6908f89cf4b5fe9bcb7844d28a2a002_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:307638d85cab7d8502cd6acd45d626a6e26a3c37ab3fb008946e80eee2e4a372_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:8c0c9b1534e1c2e4c513b8cef10df8daf9aed0e1798b563667b50c3e8554979b_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-query-rhel8@sha256:b5b4d89e126c76fa960a5ac2ba4b63f0e74ab5439cac372e1e0ebe81c1315b3e_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:4d62e2ee295809b3cfd0f663892226f1c1f5cf4ccb841fb322149b1d4088f135_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:946413dd5505c92b1eb0c3343fedf7c99ed104cd51933b8ad0dad92c9d85e1f1_s390x",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8-operator@sha256:f870fcbe6367921e167ee564e04db11daeaeafce3fa970aa28d8f8239be6391f_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:81b5694019779cea93a418e6edf684f54525dcb7da9a4090c7b886184bebe605_ppc64le",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:e77206dcf8a958c662f816161d9fa942eb7cd1749aa165075805e0add74e4cfb_amd64",
"8Base-RHOSDT-2.9:rhosdt/tempo-rhel8@sha256:efb15ac8f44d2ddcc0ac0913131df69f31ebd4aad76c503364b5efb517eabf40_s390x"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…